In the 11.3 release, --enable-default-pie
and --enable-default-ssp
are enabled for
GCC. These techniques can mitigate some malicious attacks, but they
do not provide perfect security. Note that some textbooks assume
these options are disabled, so that if you run examples from such a
textbook on an LFS system, you may need to disable PIE and SSP with
the GCC options -fno-pie -no-pie
-fno-stack-protection
.
Here is a list of the packages updated since the previous release of LFS.
Mis à jour vers :
Bash 5.2
Bc 6.0.4
Expat-2.5.0
File-5.43
Gawk-5.2.0
Gettext-0.21.1
Grep-3.8
IANA-Etc-20221025
Inetutils-2.4
IPRoute2-6.0.0
Less-608
Libcap-2.66
Libffi-3.4.4
Linux-6.0.6
Make-4.4
Man-DB-2.11.0
Man-pages-6.01
Meson-0.63.3
Ninja-1.11.1
Openssl-3.0.7
Procps-ng-4.0.1
Python-3.11.0
Readline-8.2
Shadow-4.12.3
Tzdata-2022f
Vim-9.0.0739
XZ-Utils-5.2.7
Zlib-1.2.13
Ajoutés :
bash-5.2-upstream_fixes-1.patch
readline-8.2-upstream_fix-1.patch
Supprimés :