1 files changed, 65 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index bae9e4622..39a186b4f 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,68 @@
+Fri Aug  4 20:17:36 UTC 2023
+extra/php81/php81-8.1.22-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes a security issue:
+  Libxml: Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity
+  loading in XML without enabling it).
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2023-3823
+  (* Security fix *)
+extra/rust-for-mozilla/rust-1.70.0-x86_64-1_slack15.0.txz:  Upgraded.
+  Upgraded the Rust compiler for Firefox 115.1.0 ESR and Thunderbird 115.1.0.
+pasture/samba-4.15.13-x86_64-1_slack15.0.txz:  Added.
+  We'll hang onto this just in case.
+patches/packages/mozilla-firefox-115.1.0esr-x86_64-1_slack15.0.txz:  Upgraded.
+  This update contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/firefox/115.1.0esr/releasenotes/
+    https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/
+    https://www.cve.org/CVERecord?id=CVE-2023-4045
+    https://www.cve.org/CVERecord?id=CVE-2023-4046
+    https://www.cve.org/CVERecord?id=CVE-2023-4047
+    https://www.cve.org/CVERecord?id=CVE-2023-4048
+    https://www.cve.org/CVERecord?id=CVE-2023-4049
+    https://www.cve.org/CVERecord?id=CVE-2023-4050
+    https://www.cve.org/CVERecord?id=CVE-2023-4052
+    https://www.cve.org/CVERecord?id=CVE-2023-4054
+    https://www.cve.org/CVERecord?id=CVE-2023-4055
+    https://www.cve.org/CVERecord?id=CVE-2023-4056
+    https://www.cve.org/CVERecord?id=CVE-2023-4057
+  (* Security fix *)
+patches/packages/mozilla-thunderbird-115.1.0-x86_64-1_slack15.0.txz:  Upgraded.
+  This is a bugfix release.
+  For more information, see:
+    https://www.mozilla.org/en-US/thunderbird/115.1.0/releasenotes/
+patches/packages/samba-4.18.5-x86_64-1_slack15.0.txz:  Upgraded.
+  PLEASE NOTE: We are taking the unusual step of moving to the latest Samba
+  branch because Windows has made changes that break Samba 4.15.x. The last
+  4.15.x will be retained in /pasture as a fallback. There may be some
+  required configuration changes with this, but we've kept using MIT Kerberos
+  to try to have the behavior change as little as possible. Upgrade carefully.
+  This update fixes security issues:
+  When winbind is used for NTLM authentication, a maliciously crafted request
+  can trigger an out-of-bounds read in winbind and possibly crash it.
+  SMB2 packet signing is not enforced if an admin configured
+  "server signing = required" or for SMB2 connections to Domain Controllers
+  where SMB2 packet signing is mandatory.
+  An infinite loop bug in Samba's mdssvc RPC service for Spotlight can be
+  triggered by an unauthenticated attacker by issuing a malformed RPC request.
+  Missing type validation in Samba's mdssvc RPC service for Spotlight can be
+  used by an unauthenticated attacker to trigger a process crash in a shared
+  RPC mdssvc worker process.
+  As part of the Spotlight protocol Samba discloses the server-side absolute
+  path of shares and files and directories in search results.
+  For more information, see:
+    https://www.samba.org/samba/security/CVE-2022-2127.html
+    https://www.samba.org/samba/security/CVE-2023-3347.html
+    https://www.samba.org/samba/security/CVE-2023-34966.html
+    https://www.samba.org/samba/security/CVE-2023-34967.html
+    https://www.samba.org/samba/security/CVE-2023-34968.html
+    https://www.cve.org/CVERecord?id=CVE-2022-2127
+    https://www.cve.org/CVERecord?id=CVE-2023-3347
+    https://www.cve.org/CVERecord?id=CVE-2023-34966
+    https://www.cve.org/CVERecord?id=CVE-2023-34967
+    https://www.cve.org/CVERecord?id=CVE-2023-34968
+  (* Security fix *)
++--------------------------+
 Tue Aug  1 19:50:53 UTC 2023
 patches/packages/openssl-1.1.1v-x86_64-1_slack15.0.txz:  Upgraded.
   This update fixes bugs and security issues: