Fri Oct 14 01:39:37 UTC 202220221014013937_15.0

patches/packages/mozilla-thunderbird-102.3.3-x86_64-1_slack15.0.txz:  Upgraded.
  This is a bugfix release.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/102.3.3/releasenotes/
patches/packages/python3-3.9.15-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  Bundled libexpat was upgraded from 2.4.7 to 2.4.9 which fixes a heap
  use-after-free vulnerability in function doContent.
  gh-97616: a fix for a possible buffer overflow in list *= int.
  gh-97612: a fix for possible shell injection in the example script
  get-remote-certificate.py.
  gh-96577: a fix for a potential buffer overrun in msilib.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
  (* Security fix *)

1 files changed, 17 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 13c050bc2..b08a304e2 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,20 @@
+Fri Oct 14 01:39:37 UTC 2022
+patches/packages/mozilla-thunderbird-102.3.3-x86_64-1_slack15.0.txz:  Upgraded.
+  This is a bugfix release.
+  For more information, see:
+    https://www.mozilla.org/en-US/thunderbird/102.3.3/releasenotes/
+patches/packages/python3-3.9.15-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes security issues:
+  Bundled libexpat was upgraded from 2.4.7 to 2.4.9 which fixes a heap
+  use-after-free vulnerability in function doContent.
+  gh-97616: a fix for a possible buffer overflow in list *= int.
+  gh-97612: a fix for possible shell injection in the example script
+  get-remote-certificate.py.
+  gh-96577: a fix for a potential buffer overrun in msilib.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
+  (* Security fix *)
++--------------------------+
 Sat Oct  8 19:23:31 UTC 2022
 patches/packages/libksba-1.6.2-x86_64-1_slack15.0.txz:  Upgraded.
   Detect a possible overflow directly in the TLV parser.