As we expected, it's listed in the Pixel Update Bulletin despite being an Android Open Source Project vulnerability and patch:
https://source.android.com/docs/security/bulletin/pixel/2024-05-01
Android Security Bulletins only cover the subset of High/Critical severity patches backported to the baseline yearly releases.
(this has been pushed in the latest GrapheneOS update)
final [GrapheneOS] 📱👁️🗨️
npub1c9d…sqfm
2024-05-08 11:29:49
in reply to nevent1q…pvxy
Author Public Key
npub1c9d95evcdeatgy6dacats5j5mfw96jcyu79579kg9qm3jtf42xzs07sqfmPublished at
2024-05-08 11:29:49Event JSON
{
"id": "5a0dc81f22baa3137162a6fc6bbcb6aab0afd080551c08dca000353325a52366",
"pubkey": "c15a5a65986e7ab4134dee3ab85254da5c5d4b04e78b4f16c82837192d355185",
"created_at": 1715160589,
"kind": 1,
"tags": [
[
"e",
"848a0adb8e68c9227ee2cfb9b40a16454f25409c7f8712b106381ce19326ebfe",
"",
"root"
],
[
"p",
"c15a5a65986e7ab4134dee3ab85254da5c5d4b04e78b4f16c82837192d355185"
],
[
"r",
"https://source.android.com/docs/security/bulletin/pixel/2024-05-01"
]
],
"content": "As we expected, it's listed in the Pixel Update Bulletin despite being an Android Open Source Project vulnerability and patch:\n\nhttps://source.android.com/docs/security/bulletin/pixel/2024-05-01\n\nAndroid Security Bulletins only cover the subset of High/Critical severity patches backported to the baseline yearly releases.\n\n(this has been pushed in the latest GrapheneOS update)",
"sig": "4b4dde612d9c632bcd75fabf5964bc59be6b86e6205dbd730df6a42d73e6e162285e7562d01cc98af25452b26fa59620c543ed6b433f656c809bccef05208586"
}