Sun Oct 22 19:30:42 UTC 202320231022193042_15.0

patches/packages/LibRaw-0.20.2-x86_64-4_slack15.0.txz:  Rebuilt.
  This update fixes security issues:
  A Buffer Overflow vulnerability was found in LibRaw_buffer_datastream::
  gets(char*, int), which could lead to privilege escalation or application
  crash.
  A heap-buffer-overflow was found in raw2image_ex(int), which may lead to
  application crash by maliciously crafted input file.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2021-32142
    https://www.cve.org/CVERecord?id=CVE-2023-1729
  (* Security fix *)

1 files changed, 13 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 7d5e2abca..f2d710140 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,16 @@
+Sun Oct 22 19:30:42 UTC 2023
+patches/packages/LibRaw-0.20.2-x86_64-4_slack15.0.txz:  Rebuilt.
+  This update fixes security issues:
+  A Buffer Overflow vulnerability was found in LibRaw_buffer_datastream::
+  gets(char*, int), which could lead to privilege escalation or application
+  crash.
+  A heap-buffer-overflow was found in raw2image_ex(int), which may lead to
+  application crash by maliciously crafted input file.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2021-32142
+    https://www.cve.org/CVERecord?id=CVE-2023-1729
+  (* Security fix *)
++--------------------------+
 Thu Oct 19 19:14:05 UTC 2023
 patches/packages/httpd-2.4.58-x86_64-1_slack15.0.txz:  Upgraded.
   This update fixes bugs and security issues: