Given all the Android security topics in the news, we thought it prudent to issue a follow-up to the 10.1.0 general release, incorporating patches for various vulnerabilities that have since been identified.
At the time of this post, CyanogenMod 10.1.1 releases are building and mirroring to our download portal. The CM 10.1.1 build is purely a security bug-fix release on top of the previous 10.1.0.x code-base. While it does not carry any new features, it does address the following:
- Bug 8219321 aka “MasterKey” exploit (also patched in CM 7 and CM 9 source)
- CVE-2013-2094 (Linux kernel exploit)
- CVE-2013-2596 (Qualcomm-specific exploit)
- CVE-2013-2597 (Qualcomm-specific exploit)
- General device bug-fixes
With the security nature of this release, all users on CM 10.1.0.x are encouraged to update once their respective build is available.