Errata for BLFS Version 8.3

Known Security Vulnerabilities

A few packages are good at reporting that a new release fixes a vulnerability. For some others, such as firefox, virtually every new release includes security fixes. But in many cases the fixes are not documented as security issues.

Updates to the packages in the book may be available in the development version of the book.

A vulnerability in texlive's handling of postscript files, applicable to all versions from the past several years, has been fixed with a patch to the 2018 source in the development book, tested with BLFS-8.1 and later. For users of the binary texlive who have not updated since 2018-09-20, please do so.

A vulnerability with available exploits in all recent versions of ghostscript has been fixed in the development book by patching gs-9.25. The current version of the patch is -2 and the vulnerability applies to PDF files as well as postscript.

A trivially-exploitable local privilege escalation in versions of xorg-server since 1.19 has been fixed in 1.20.3.