LFS Security Advisories

At one time, vulnerabilities were mentioned on the old LFS-security list, but that has become defunct. In recent times, BLFS has noted vulnerabilities in its Errata sections, but while LFS tickets for new versions have sometimes mentioned security fixes, the only way to keep on top of that has been to read the lfs-book list.

Now, for items since LFS-10.0 (and BLFS-10.0) were released on 1st September 2020, advisories are (sometimes belatedly for 10.0 items) being documented. There will be separate pages for each release of the book (covering up to the next release) and there is also a consolidated page for all LFS and BLFS security advisories.

lease note that vulnerabilities to package versions before those in our release are not noted, so if you are running a version of LFS before 10.0 you should check the Errata for past releases as well as monitoring the items here, and similarly if you are not on the current release you should check the advisories for the previous release(s).

The advisories for LFS-10.1 up until LFS-10.2 is released are at LFS-10.1

The advisories for LFS-10.0 up until LFS-10.1 was released are at LFS-10.0

A consolidated list of LFS and BLFS advisories since the release of LFS-10.0 and BLFS-10.0 can be found at consolidated.html