LFS-11.3 was released on 2023-03-01
In dbus-1.14.8, a security vulnerability was fixed that could allow for an unprivileged user to cause a denial-of-service (system message bus daemon crash) by sending an unreplyable message when an administrator is monitoring the dbus daemon. Update to dbus-1.14.8 or later. 11.3-041
In libcap-2.69, two security vulnerabilities were fixed that could allow for denial of service. These occur due to an integer overflow and a memory leak, and can be triggered when using the __real_pthread_create() and the _libcap_strdup() functions in libcap. Update to libcap-2.69 to fix them. 11.3-032
In Linux-6.4.1 (and Linux-6.1.31), a security vulnerability was fixed that allows for privilege escalation due to a memory management subsystem vulnerability. Update to Linux-6.4.1 or Linux-6.1.31 (LTS) to fix it. 11.3-052
In Linux-6.2.3 through 6.2.9 (and Linux-6.1.15 through 6.1.22), eleven security vulnerabilities were fixed in various kernel subsystems. These vulnerabilities could allow a full system crash or deadlock, network filter bypass, or local privilege escalation. Update to Linux-6.2.9 or Linux-6.1.22 (LTS) to fix them. 11.3-011
In Linux-6.2.2 (and Linux-6.1.14), five security vulnerabilities were fixed in various kernel subsystems. These vulnerabilities could allow full system crashes or insufficient protection against hardware vulnerabilities. Update to Linux-6.2.2 or Linux-6.1.14 (LTS) to fix them. 11.3-001
In OpenSSL-3.1.2, three security vulnerabilities were fixed that could cause excessive slowdown (and thus a denial of service) when processing DH keys and parameters, and could mislead applications using the AES-SIV cipher from OpenSSL. Update to OpenSSL-3.1.2 (or 1.1.1v if you prefer to stay on the OpenSSL-1.1 series). 11.3-069
In OpenSSL-3.1.1, several security vulnerabilities were fixed that could allow for denial of service, crashes on ARM64 platforms, certificate policy bypass, and severe degradation of performance. Update to OpenSSL-3.1.1. 11.3-033
In Python-3.11.4, three security vulnerabilities were fixed that could allow for directory traversal, disk location exposure over HTTP, and for policy bypasses. Update to Python-3.11.4. 11.3-040