Tue Jan 16 20:49:28 UTC 202420240116204928_15.0

patches/packages/gnutls-3.8.3-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes two medium severity security issues:
  Fix more timing side-channel inside RSA-PSK key exchange.
  Fix assertion failure when verifying a certificate chain with a cycle of
  cross signatures.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-0553
    https://www.cve.org/CVERecord?id=CVE-2024-0567
  (* Security fix *)
patches/packages/xorg-server-1.20.14-x86_64-11_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
  Reattaching to different master device may lead to out-of-bounds memory access.
  Heap buffer overflow in XISendDeviceHierarchyEvent.
  Heap buffer overflow in DisableDevice.
  SELinux context corruption.
  SELinux unlabeled GLX PBuffer.
  For more information, see:
    https://lists.x.org/archives/xorg/2024-January/061525.html
    https://www.cve.org/CVERecord?id=CVE-2023-6816
    https://www.cve.org/CVERecord?id=CVE-2024-0229
    https://www.cve.org/CVERecord?id=CVE-2024-21885
    https://www.cve.org/CVERecord?id=CVE-2024-21886
    https://www.cve.org/CVERecord?id=CVE-2024-0408
    https://www.cve.org/CVERecord?id=CVE-2024-0409
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-x86_64-11_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-x86_64-11_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-x86_64-11_slack15.0.txz:  Rebuilt.
patches/packages/xorg-server-xwayland-21.1.4-x86_64-10_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
  Reattaching to different master device may lead to out-of-bounds memory access.
  Heap buffer overflow in XISendDeviceHierarchyEvent.
  Heap buffer overflow in DisableDevice.
  SELinux unlabeled GLX PBuffer.
  For more information, see:
    https://lists.x.org/archives/xorg/2024-January/061525.html
    https://www.cve.org/CVERecord?id=CVE-2023-6816
    https://www.cve.org/CVERecord?id=CVE-2024-0229
    https://www.cve.org/CVERecord?id=CVE-2024-21885
    https://www.cve.org/CVERecord?id=CVE-2024-21886
    https://www.cve.org/CVERecord?id=CVE-2024-0408
  (* Security fix *)

1 files changed, 56 insertions, 2 deletions

diff --git a/ChangeLog.rss b/ChangeLog.rss
index 2d461f516..c940a39e6 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,10 +11,64 @@
       <description>Tracking Slackware development in git.</description>
       <language>en-us</language>
       <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Wed, 10 Jan 2024 20:25:54 GMT</pubDate>
-      <lastBuildDate>Thu, 11 Jan 2024 12:30:19 GMT</lastBuildDate>
+      <pubDate>Tue, 16 Jan 2024 20:49:28 GMT</pubDate>
+      <lastBuildDate>Wed, 17 Jan 2024 12:30:23 GMT</lastBuildDate>
       <generator>maintain_current_git.sh v 1.17</generator>
       <item>
+         <title>Tue, 16 Jan 2024 20:49:28 GMT</title>
+         <pubDate>Tue, 16 Jan 2024 20:49:28 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20240116204928</link>
+         <guid isPermaLink="false">20240116204928</guid>
+         <description>
+           <![CDATA[<pre>
+patches/packages/gnutls-3.8.3-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes two medium severity security issues:
+  Fix more timing side-channel inside RSA-PSK key exchange.
+  Fix assertion failure when verifying a certificate chain with a cycle of
+  cross signatures.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2024-0553
+    https://www.cve.org/CVERecord?id=CVE-2024-0567
+  (* Security fix *)
+patches/packages/xorg-server-1.20.14-x86_64-11_slack15.0.txz:  Rebuilt.
+  This update fixes security issues:
+  Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
+  Reattaching to different master device may lead to out-of-bounds memory access.
+  Heap buffer overflow in XISendDeviceHierarchyEvent.
+  Heap buffer overflow in DisableDevice.
+  SELinux context corruption.
+  SELinux unlabeled GLX PBuffer.
+  For more information, see:
+    https://lists.x.org/archives/xorg/2024-January/061525.html
+    https://www.cve.org/CVERecord?id=CVE-2023-6816
+    https://www.cve.org/CVERecord?id=CVE-2024-0229
+    https://www.cve.org/CVERecord?id=CVE-2024-21885
+    https://www.cve.org/CVERecord?id=CVE-2024-21886
+    https://www.cve.org/CVERecord?id=CVE-2024-0408
+    https://www.cve.org/CVERecord?id=CVE-2024-0409
+  (* Security fix *)
+patches/packages/xorg-server-xephyr-1.20.14-x86_64-11_slack15.0.txz:  Rebuilt.
+patches/packages/xorg-server-xnest-1.20.14-x86_64-11_slack15.0.txz:  Rebuilt.
+patches/packages/xorg-server-xvfb-1.20.14-x86_64-11_slack15.0.txz:  Rebuilt.
+patches/packages/xorg-server-xwayland-21.1.4-x86_64-10_slack15.0.txz:  Rebuilt.
+  This update fixes security issues:
+  Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer.
+  Reattaching to different master device may lead to out-of-bounds memory access.
+  Heap buffer overflow in XISendDeviceHierarchyEvent.
+  Heap buffer overflow in DisableDevice.
+  SELinux unlabeled GLX PBuffer.
+  For more information, see:
+    https://lists.x.org/archives/xorg/2024-January/061525.html
+    https://www.cve.org/CVERecord?id=CVE-2023-6816
+    https://www.cve.org/CVERecord?id=CVE-2024-0229
+    https://www.cve.org/CVERecord?id=CVE-2024-21885
+    https://www.cve.org/CVERecord?id=CVE-2024-21886
+    https://www.cve.org/CVERecord?id=CVE-2024-0408
+  (* Security fix *)
+           </pre>]]>
+         </description>
+      </item>
+      <item>
          <title>Wed, 10 Jan 2024 20:25:54 GMT</title>
          <pubDate>Wed, 10 Jan 2024 20:25:54 GMT</pubDate>
          <link>https://git.slackware.nl/current/tag/?h=20240110202554</link>