1 files changed, 75 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 3cdfc352a..67a9c6036 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,78 @@
+Thu Nov 17 01:49:28 UTC 2022
+ap/man-db-2.11.1-x86_64-1.txz:  Upgraded.
+ap/nano-7.0-x86_64-1.txz:  Upgraded.
+ap/sqlite-3.40.0-x86_64-1.txz:  Upgraded.
+kde/plasma-framework-5.100.0-x86_64-2.txz:  Rebuilt.
+  [PATCH] svgitem: do not upscale svg when using fractional scaling.
+l/netpbm-11.00.02-x86_64-1.txz:  Upgraded.
+n/bind-9.18.9-x86_64-1.txz:  Upgraded.
+n/krb5-1.20.1-x86_64-1.txz:  Upgraded.
+  Fixed integer overflows in PAC parsing.
+  Fixed null deref in KDC when decoding invalid NDR.
+  Fixed memory leak in OTP kdcpreauth module.
+  Fixed PKCS11 module path search.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2022-42898
+  (* Security fix *)
+n/samba-4.17.3-x86_64-1.txz:  Upgraded.
+  Fixed a security issue where Samba's Kerberos libraries and AD DC failed
+  to guard against integer overflows when parsing a PAC on a 32-bit system,
+  which allowed an attacker with a forged PAC to corrupt the heap.
+  For more information, see:
+    https://www.samba.org/samba/security/CVE-2022-42898.html
+    https://www.cve.org/CVERecord?id=CVE-2022-42898
+  (* Security fix *)
+x/libXft-2.3.7-x86_64-1.txz:  Upgraded.
+x/wayland-protocols-1.29-noarch-1.txz:  Upgraded.
+xap/mozilla-firefox-107.0-x86_64-1.txz:  Upgraded.
+  This update contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/firefox/107.0/releasenotes/
+    https://www.mozilla.org/security/advisories/mfsa2022-47/
+    https://www.cve.org/CVERecord?id=CVE-2022-45403
+    https://www.cve.org/CVERecord?id=CVE-2022-45404
+    https://www.cve.org/CVERecord?id=CVE-2022-45405
+    https://www.cve.org/CVERecord?id=CVE-2022-45406
+    https://www.cve.org/CVERecord?id=CVE-2022-45407
+    https://www.cve.org/CVERecord?id=CVE-2022-45408
+    https://www.cve.org/CVERecord?id=CVE-2022-45409
+    https://www.cve.org/CVERecord?id=CVE-2022-45410
+    https://www.cve.org/CVERecord?id=CVE-2022-45411
+    https://www.cve.org/CVERecord?id=CVE-2022-45412
+    https://www.cve.org/CVERecord?id=CVE-2022-45413
+    https://www.cve.org/CVERecord?id=CVE-2022-40674
+    https://www.cve.org/CVERecord?id=CVE-2022-45415
+    https://www.cve.org/CVERecord?id=CVE-2022-45416
+    https://www.cve.org/CVERecord?id=CVE-2022-45417
+    https://www.cve.org/CVERecord?id=CVE-2022-45418
+    https://www.cve.org/CVERecord?id=CVE-2022-45419
+    https://www.cve.org/CVERecord?id=CVE-2022-45420
+    https://www.cve.org/CVERecord?id=CVE-2022-45421
+  (* Security fix *)
+xap/mozilla-thunderbird-102.5.0-x86_64-1.txz:  Upgraded.
+  This release contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/thunderbird/102.5.0/releasenotes/
+    https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/
+    https://www.cve.org/CVERecord?id=CVE-2022-45403
+    https://www.cve.org/CVERecord?id=CVE-2022-45404
+    https://www.cve.org/CVERecord?id=CVE-2022-45405
+    https://www.cve.org/CVERecord?id=CVE-2022-45406
+    https://www.cve.org/CVERecord?id=CVE-2022-45408
+    https://www.cve.org/CVERecord?id=CVE-2022-45409
+    https://www.cve.org/CVERecord?id=CVE-2022-45410
+    https://www.cve.org/CVERecord?id=CVE-2022-45411
+    https://www.cve.org/CVERecord?id=CVE-2022-45412
+    https://www.cve.org/CVERecord?id=CVE-2022-45416
+    https://www.cve.org/CVERecord?id=CVE-2022-45418
+    https://www.cve.org/CVERecord?id=CVE-2022-45420
+    https://www.cve.org/CVERecord?id=CVE-2022-45421
+  (* Security fix *)
+xfce/xfce4-settings-4.16.5-x86_64-1.txz:  Upgraded.
+  This update fixes regressions in the previous security fix:
+  mime-settings: Properly quote command parameters.
+  Revert "Escape characters which do not belong into an URI/URL (Issue #390)."
++--------------------------+
 Tue Nov 15 01:28:38 UTC 2022
 a/xz-5.2.8-x86_64-1.txz:  Upgraded.
 d/mercurial-6.3.0-x86_64-1.txz:  Upgraded.