Guest RedNick Posted April 22, 2014 Report Posted April 22, 2014 I know that it is obviously more productive to target servers and therefore individual devices are unlikely to be attacked. All the same, devices running 4.1.1 (and therefore any stock-based ROM) are vulnerable to this flaw. Is there a known way to update the OpenSSL libraries in a stock ROM with secured versions? Otherwise, it would appear that Huawei have slated 10-5-14 as a release date for a fixed B197 stock ROM. Can those with dev experience clarify if it will be possible to replace OpenSSL with, say a CWM-flashable zip, on existing ROMs, using the version from the new stock ROM, once it is released?
Guest SH3H1 Posted April 22, 2014 Report Posted April 22, 2014 There is a heartbleed fix wich is working on fusionX (i tested :D ) I think it will work on all stock based ROMs
Guest Posted April 27, 2014 Report Posted April 27, 2014 You could extract any libssl.so (located on your device @ /system/lib/ ) from an 4.1.2 ROM of your choice, like CM10 for example. Take a look @this. Someone extracted the libssl.so already and prepared an updater ZIP: https://www.dropbox.com/s/tqxfjwwja3uaqsn/install-patch.zip It's up to you wheather you extract the file on your own from any ROM or if you trust that guy's file.
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now