Saffron (also known as JailbreakMe 3.0) is a userland untethered jailbreak from comex that utilizes JailbreakMe.com, yet again. It was the first jailbreak made available to the public for the iPad 2 running iOS 4.3.3. In June 2011, comex began to put up teasers on JailbreakMe. In early July 2011, someone Googled comex's other site and found a prerelease version of "Saffron," the third incarnation of JailbreakMe. Word about this "leak" inevitably spread. On 6 July 2011, "Saffron" made its official debut on JailbreakMe. An incomplete prerelease version was leaked on 2 July 2011, after it was discovered on comex's server.
This jailbreak was patched on 15 July 2011 with the releases of iOS 4.2.9 (iPhone 4 (iPhone3,3)) and 4.3.4 (all other devices).
Exploits Used[edit source]
Compatibility[edit source]
| Device | Works with firmware... | |||||||
|---|---|---|---|---|---|---|---|---|
| 4.2.6 | 4.2.7 | 4.2.8 | 4.3 | 4.3.1 | 4.3.2 | 4.3.3 | ||
| iPad | — | Yes | ||||||
| iPad 2 | No | Yes | ||||||
| iPhone 3GS | Yes | |||||||
| iPhone 4 (iPhone3,1) | ||||||||
| iPhone 4 (iPhone3,3) | Yes | — | ||||||
| iPod touch (3rd generation) | — | Yes | No | Yes | ||||
| iPod touch (4th generation) | Yes | |||||||
Problems[edit source]
Domain owner problem[edit source]
On 7 October 2011, MuscleNerd announced that the domain was sold and that the new owner was unknown, so that there is a big danger of the site hosting malware. It turned out that the new owner was friendly and sold it the next day to Saurik who hosted the site anyway. Problem solved.
Certificate problem[edit source]
Starting early December 2015, the domain started to display a blank homepage. In addition, JailbreakMe began to redirect traffic to HTTPS; however, the TLS certificate it was using was invalid. Turns out comex moved the files to his personal domain.
References[edit source]
External Links[edit source]
- Saffron (semi-broken)
- Source Code
- Analysis of the Exploit Archived 2011-07-22 at the Wayback Machine
- Apple KB HT4802 (iOS 4.2.9/4.3.4 Security Fixes)
