Hacker News new | past | comments | ask | show | jobs | submit login

Just an update from the Google side: As discussed below, any Android users on 4.4+ or running Chrome are not affected. For earlier versions of Android, we've shipped patches for AOSP:

https://android.googlesource.com/platform/external/webkit/+/... https://android.googlesource.com/platform/external/webkit/+/...

These are in the AOSP branches for jb-dev, jb-mr1-dev, jb-mr1.1-dev, and jb-mr2-dev.

Does this mean that there will be an update for the Galaxy Nexus?

OS updates for $SPECIFIC_PHONE are generally reliant on the carrier to decide to push out a patch, even after AOSP itself is patched. So an answer "from the Google side" can't really answer your question.

The regular carrier-independent versions (Yakju/Maguro and Takju/Maguro) which are directly supported by Google.

is android kitkat 4.4.x safe from this bug regardless of whether chrome browser exists (not installed or uninstalled) in the phone or not? please enlighten. thanks.

My understanding is that Chrome replaced Webkit in WebView's internal implementation in 4.4, so the bug should never appear in 4.4.

Yup correct. Completely different WebView. And the bug is technically in the WebView.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact