Secure PDF Viewer app version 19 released

Notable changes in version 19:

  • avoid crash from unhandled exception in PDF date parsing for displaying metadata (was not a regression in version 18)
  • update eslint to 0.21.1
  • avoid false positive lint checks

A full list of changes from the previous release (version 18) is available through the Git commit log between the releases.

Simple Android PDF viewer based on pdf.js and content providers. The app doesn’t require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they’re within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.

This app is available through the Play Store with the . Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.grapheneos.pdfviewer id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • grapheneos@lemmy.ml
  • GTA5RPClips
  • DreamBathrooms
  • thenastyranch
  • magazineikmin
  • tacticalgear
  • cubers
  • Youngstown
  • mdbf
  • slotface
  • rosin
  • osvaldo12
  • ngwrru68w68
  • kavyap
  • InstantRegret
  • JUstTest
  • everett
  • Durango
  • cisconetworking
  • khanakhh
  • ethstaker
  • tester
  • anitta
  • Leos
  • normalnudes
  • modclub
  • megavids
  • provamag3
  • lostlight
  • All magazines
    •