Tue Dec 20 20:40:18 UTC 202220221220204018_15.0

patches/packages/libksba-1.6.3-x86_64-1_slack15.0.txz:  Upgraded.
  Fix another integer overflow in the CRL's signature parser.
  (* Security fix *)
patches/packages/sdl-1.2.15-x86_64-13_slack15.0.txz:  Rebuilt.
  This update fixes a heap overflow problem in video/SDL_pixels.c in SDL.
  By crafting a malicious .BMP file, an attacker can cause the application
  using this library to crash, denial of service, or code execution.
  Thanks to marav for the heads-up.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2021-33657
  (* Security fix *)

1 files changed, 13 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 9782e5949..80f21b549 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,16 @@
+Tue Dec 20 20:40:18 UTC 2022
+patches/packages/libksba-1.6.3-x86_64-1_slack15.0.txz:  Upgraded.
+  Fix another integer overflow in the CRL's signature parser.
+  (* Security fix *)
+patches/packages/sdl-1.2.15-x86_64-13_slack15.0.txz:  Rebuilt.
+  This update fixes a heap overflow problem in video/SDL_pixels.c in SDL.
+  By crafting a malicious .BMP file, an attacker can cause the application
+  using this library to crash, denial of service, or code execution.
+  Thanks to marav for the heads-up.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2021-33657
+  (* Security fix *)
++--------------------------+
 Mon Dec 19 21:18:22 UTC 2022
 patches/packages/xorg-server-1.20.14-x86_64-6_slack15.0.txz:  Rebuilt.
   This release fixes an invalid event type mask in XTestSwapFakeInput which