glibc vulnerability in newer versions.

Maybe Trisquel knows about the glibc vulnerability in newer versions, but if not, this may be an issue with any "update", as an "update" may then introduce a vulnerability into Trisquel.

https://trisquel.info/en/forum/glibc-vulnerability-newer-versions

and

https://forums.hyperbola.info/viewtopic.php?id=1018 show newer versions of glibc may have vulnerability problems.

Hyperbola uses 2.30, I think, and Trisquel uses, as seen from apt-get, 2.35-0ubuntu3.6+11.0trisquel1, I think.

This issue affects glibc 2.36 and newer.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6779 https://nvd.nist.gov/vuln/detail/CVE-2023-6779

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6780 https://nvd.nist.gov/vuln/detail/CVE-2023-6780

Also

https://blog.qualys.com/vulnerabilities-threat-research/2024/01/30/qualys-tru-discovers-important-vulnerabilities-in-gnu-c-librarys-syslog

shows, in part:

For the first vulnerability (CVE-2023-6246), a significant security flaw has been identified in the GNU C Library’s __vsyslog_internal() function, affecting syslog() and vsyslog(). This heap-based buffer overflow vulnerability was inadvertently introduced in glibc 2.37 (August 2022) and subsequently backported to glibc 2.36 while addressing a different, less severe vulnerability (CVE-2022-39046). Major Linux distributions like Debian (versions 12 and 13), Ubuntu (23.04 and 23.10), and Fedora (37 to 39) are confirmed to be vulnerable. This flaw allows local privilege escalation, enabling an unprivileged user to gain full root access, as demonstrated in Fedora 38.
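An added example, not part of the original post: a small check that compares a glibc package version against the "2.36 and newer" range stated above. It compares upstream version numbers only, so it cannot tell whether a distribution has patched its package; the function names are hypothetical and the `2.36-9` sample is constructed.

```python
import os
import re

# Lower bound stated in the post: "This issue affects glibc 2.36 and newer."
AFFECTED_FROM = (2, 36)


def upstream_version(pkg_version):
    """Return the upstream part of a Debian-style version as an int tuple.

    The Debian format is [epoch:]upstream[-revision]; the revision is
    whatever follows the last hyphen.
    """
    no_epoch = pkg_version.split(":", 1)[-1]
    upstream = no_epoch.rsplit("-", 1)[0] if "-" in no_epoch else no_epoch
    match = re.match(r"(\d+)\.(\d+)", upstream)
    if not match:
        raise ValueError(f"unrecognised glibc version: {pkg_version!r}")
    return tuple(int(part) for part in match.groups())


def in_reported_range(pkg_version):
    """True if the upstream version is 2.36 or newer (version check only)."""
    return upstream_version(pkg_version) >= AFFECTED_FROM


def running_glibc():
    """Version of the glibc this interpreter runs against, or None."""
    try:
        return os.confstr("CS_GNU_LIBC_VERSION").split()[-1]
    except (ValueError, OSError, AttributeError):
        return None  # not glibc, or the platform does not expose the value


if __name__ == "__main__":
    # First two values are quoted in the post; "2.36-9" is constructed.
    samples = ["2.35-0ubuntu3.6+11.0trisquel1", "2.30", "2.36-9"]
    local = running_glibc()
    if local:
        samples.append(local)
    for version in samples:
        verdict = "in reported range" if in_reported_range(version) else "below 2.36"
        print(f"{version}: {verdict}")
```

A result of "in reported range" still needs to be confirmed against the distribution's own security tracker for the installed package revision.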
