1 files changed, 54 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 569a64a98..bad42d626 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,57 @@
+Wed Feb 15 03:05:40 UTC 2023
+extra/php80/php80-8.0.28-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes security issues:
+  Core: Password_verify() always return true with some hash.
+  Core: 1-byte array overrun in common path resolve code.
+  SAPI: DOS vulnerability when parsing multipart request body.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2023-0567
+    https://www.cve.org/CVERecord?id=CVE-2023-0568
+    https://www.cve.org/CVERecord?id=CVE-2023-0662
+  (* Security fix *)
+extra/php81/php81-8.1.16-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes security issues:
+  Core: Password_verify() always return true with some hash.
+  Core: 1-byte array overrun in common path resolve code.
+  SAPI: DOS vulnerability when parsing multipart request body.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2023-0567
+    https://www.cve.org/CVERecord?id=CVE-2023-0568
+    https://www.cve.org/CVERecord?id=CVE-2023-0662
+  (* Security fix *)
+patches/packages/hwdata-0.367-noarch-1_slack15.0.txz:  Upgraded.
+  Upgraded to get information for newer hardware.
+  Requested by kingbeowulf on LQ.
+patches/packages/mozilla-firefox-102.8.0esr-x86_64-1_slack15.0.txz:  Upgraded.
+  This update contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/firefox/102.8.0/releasenotes/
+    https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/
+    https://www.cve.org/CVERecord?id=CVE-2023-25728
+    https://www.cve.org/CVERecord?id=CVE-2023-25730
+    https://www.cve.org/CVERecord?id=CVE-2023-25743
+    https://www.cve.org/CVERecord?id=CVE-2023-0767
+    https://www.cve.org/CVERecord?id=CVE-2023-25735
+    https://www.cve.org/CVERecord?id=CVE-2023-25737
+    https://www.cve.org/CVERecord?id=CVE-2023-25738
+    https://www.cve.org/CVERecord?id=CVE-2023-25739
+    https://www.cve.org/CVERecord?id=CVE-2023-25729
+    https://www.cve.org/CVERecord?id=CVE-2023-25732
+    https://www.cve.org/CVERecord?id=CVE-2023-25734
+    https://www.cve.org/CVERecord?id=CVE-2023-25742
+    https://www.cve.org/CVERecord?id=CVE-2023-25746
+  (* Security fix *)
+patches/packages/php-7.4.33-x86_64-3_slack15.0.txz:  Rebuilt.
+  This update fixes security issues:
+  Core: Password_verify() always return true with some hash.
+  Core: 1-byte array overrun in common path resolve code.
+  SAPI: DOS vulnerability when parsing multipart request body.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2023-0567
+    https://www.cve.org/CVERecord?id=CVE-2023-0568
+    https://www.cve.org/CVERecord?id=CVE-2023-0662
+  (* Security fix *)
++--------------------------+
 Fri Feb 10 20:08:41 UTC 2023
 patches/packages/gnutls-3.7.9-x86_64-1_slack15.0.txz:  Upgraded.
   libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.