1 files changed, 24 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 2003326e9..8fffe8b16 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,27 @@
+Wed Nov  9 22:16:30 UTC 2022
+a/btrfs-progs-6.0.1-x86_64-1.txz:  Upgraded.
+ap/sysstat-12.7.1-x86_64-1.txz:  Upgraded.
+  On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,
+  allocate_structures contains a size_t overflow in sa_common.c. The
+  allocate_structures function insufficiently checks bounds before arithmetic
+  multiplication, allowing for an overflow in the size allocated for the
+  buffer representing system activities.
+  This issue may lead to Remote Code Execution (RCE). 
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2022-39377
+  (* Security fix *)
+kde/bluedevil-5.26.3.1-x86_64-1.txz:  Upgraded.
+kde/breeze-5.26.3.1-x86_64-1.txz:  Upgraded.
+kde/oxygen-sounds-5.26.3.1-x86_64-1.txz:  Upgraded.
+l/gdk-pixbuf2-2.42.10-x86_64-1.txz:  Upgraded.
+l/orc-0.4.33-x86_64-1.txz:  Upgraded.
+n/mobile-broadband-provider-info-20221107-x86_64-1.txz:  Upgraded.
+xfce/xfce4-settings-4.16.4-x86_64-1.txz:  Upgraded.
+  Fixed an argument injection vulnerability in xfce4-mime-helper.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2022-45062
+  (* Security fix *)
++--------------------------+
 Tue Nov  8 22:21:43 UTC 2022
 a/bash-5.2.009-x86_64-1.txz:  Upgraded.
 a/glibc-zoneinfo-2022f-noarch-1.txz:  Upgraded.