LFS Security Advisories for LFS 11.3 and the current development books.

LFS-11.3 was released on 2022-03-01

libcap

11.3 032 libcap (LFS) Date: 2023-06-05 Severity: Medium

In libcap-2.69, two security vulnerabilities were fixed that could allow for denial of service. These occur due to an integer overflow and a memory leak, and can be triggered when using the __real_pthread_create() and the _libcap_strdup() functions in libcap. Update to libcap-2.69 to fix them. 11.3-032

Linux Kernel

11.3 011 Linux Kernel (LFS) Date: 2023-03-05 Severity: High

In Linux-6.2.3 through 6.2.9 (and Linux-6.1.15 through 6.1.22), eleven security vulnerabilities were fixed in various kernel subsystems. These vulnerabilities could allow full system crash or deadlock, network filter bypass, or local privilege escalation. Update to Linux-6.2.9 or Linux-6.1.22 (LTS) to fix them. 11.3-011

11.3 001 Linux Kernel (LFS) Date: 2023-03-05 Severity: High

In Linux-6.2.2 (and Linux-6.1.14), five security vulnerabilities were fixed in various kernel subsystems. These vulnerabilities could allow full system crashes or insufficient protection against hardware vulnerabilities. Update to Linux-6.2.2 or Linux-6.1.14 (LTS) to fix them. 11.3-001

OpenSSL

11.3 033 OpenSSL (LFS) Date: 2023-06-05 Severity: Medium

In OpenSSL-3.1.1, several security vulnerabilities were fixed that could allow for denial of service, crashes on ARM64 platforms, certificate policy bypass, and severe degradation of performance. Update to OpenSSL-3.1.1. 11.3-033