Changes in version 127.0.6533.104.2:

  • enable Shadow Call Stack on 64-bit ARM in addition to pointer authentication, since pointer authentication is probabilistic and only supported on ARMv9 devices such as 8th/9th generation Pixels
  • keep stack canaries enabled via -fstack-protector-strong when Shadow Call Stack is enabled, as we already do in the kernel, to preserve the minor security benefits they still provide and to work around crashes occurring in certain apps using the WebView when stack canaries are disabled

A full list of changes from the previous release (version 127.0.6533.104.1) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn’t yet officially available for users outside GrapheneOS, although we plan to make it available eventually. It won’t be able to provide the WebView outside GrapheneOS and will be missing hardening and other features.