In the 11.3 release, --enable-default-pie and --enable-default-ssp are enabled for
GCC. These techniques can mitigate some malicious attacks, but they
do not provide perfect security. Note that some textbooks assume
these options are disabled, so that if you run examples from such a
textbook on an LFS system, you may need to disable PIE and SSP with
the GCC options -fno-pie -no-pie
-fno-stack-protection.
Here is a list of the packages updated since the previous release of LFS.
Upgraded to:
Bash 5.2.9
Bc 6.1.1
Expat-2.5.0
File-5.43
Gawk-5.2.0
Gettext-0.21.1
Grep-3.8
IANA-Etc-20221025
Inetutils-2.4
IPRoute2-6.0.0
Less-608
Libcap-2.66
Libelf-0.188 (from elfutils)
Libffi-3.4.4
Linux-6.0.9
Make-4.4
Man-DB-2.11.1
Man-pages-6.01
Meson-0.64.0
Ninja-1.11.1
Openssl-3.0.7
Procps-ng-4.0.1
Python-3.11.0
Readline-8.2
Sed-4.9
Shadow-4.13
SysVinit-3.05
Texinfo-7.0
Tzdata-2022f
Vim-9.0.0739
wheel-0.38.4
XZ-Utils-5.2.8
Zlib-1.2.13
Added:
readline-8.2-upstream_fix-1.patch
Removed: