diff options
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 745192382..ffda12288 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,17 @@ +Thu May 25 00:24:33 UTC 2023 +patches/packages/curl-8.1.1-x86_64-1_slack15.0.txz: Upgraded. + This is a bugfix release. +patches/packages/texlive-2023.230322-x86_64-1_slack15.0.txz: Upgraded. + This update patches a security issue: + LuaTeX before 1.17.0 allows execution of arbitrary shell commands when + compiling a TeX file obtained from an untrusted source. This occurs + because luatex-core.lua lets the original io.popen be accessed. This also + affects TeX Live before 2023 r66984 and MiKTeX before 23.5. + Thanks to Johannes Schoepfer. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2023-32700 + (* Security fix *) ++--------------------------+ Mon May 22 19:05:02 UTC 2023 patches/packages/c-ares-1.19.1-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: |