1 files changed, 22 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 19492cee5..548ca668d 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,25 @@
+Tue Oct  3 22:19:10 UTC 2023
+patches/packages/libX11-1.8.7-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes security issues:
+  libX11: out-of-bounds memory access in _XkbReadKeySyms().
+  libX11: stack exhaustion from infinite recursion in PutSubImage().
+  libX11: integer overflow in XCreateImage() leading to a heap overflow.
+  For more information, see:
+    https://lists.x.org/archives/xorg-announce/2023-October/003424.html
+    https://www.cve.org/CVERecord?id=CVE-2023-43785
+    https://www.cve.org/CVERecord?id=CVE-2023-43786
+    https://www.cve.org/CVERecord?id=CVE-2023-43787
+  (* Security fix *)
+patches/packages/libXpm-3.5.17-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes security issues:
+  libXpm: out of bounds read in XpmCreateXpmImageFromBuffer().
+  libXpm: out of bounds read on XPM with corrupted colormap.
+  For more information, see:
+    https://lists.x.org/archives/xorg-announce/2023-October/003424.html
+    https://www.cve.org/CVERecord?id=CVE-2023-43788
+    https://www.cve.org/CVERecord?id=CVE-2023-43789
+  (* Security fix *)
++--------------------------+
 Sat Sep 30 21:33:49 UTC 2023
 patches/packages/libvpx-1.12.0-x86_64-1_slack15.0.txz:  Upgraded.
   This release contains two security related fixes -- one each for VP8 and VP9.