Errata for BLFS systemd Version 8.4

Known Security Vulnerabilities

A few packages are good at reporting that a new release fixes a vulnerability. For some others, such as firefox, virtually every new release includes security fixes. But in many cases the fixes are not documented as security issues.

Updates to the packages in the book may be available in the development version of the book.

A vulnerability in kf5's kcodecs package now has a fix for CVE-2013-0779. See the build instructions that add a sed to the script in ../../view/svn/kde/krameworks5.html.

Two critical zero-day security vulnerabilities were discovered in Firefox and Thunderbird. The BLFS team recommends upgrading to the new versions immediately. See the build instructions in ../../view/systemd/xsoft/firefox.html and ../../view/systemd/xsoft/thunderbird.html.

After release, seven vulnerabilities were discovered in Apache HTTPD. These include two privilege escalation vulnreabilities and one access control bypass. The BLFS team recommends upgrading to the new version ASAP. See the build instructions in ../../view/systemd/server/apache.html.