From e519d8d2c69426feefc2ee207e3b14940fad2d2a Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Wed, 9 Nov 2022 22:16:30 +0000
Subject: Wed Nov  9 22:16:30 UTC 2022

a/btrfs-progs-6.0.1-x86_64-1.txz:  Upgraded.
ap/sysstat-12.7.1-x86_64-1.txz:  Upgraded.
  On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,
  allocate_structures contains a size_t overflow in sa_common.c. The
  allocate_structures function insufficiently checks bounds before arithmetic
  multiplication, allowing for an overflow in the size allocated for the
  buffer representing system activities.
  This issue may lead to Remote Code Execution (RCE).
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-39377
  (* Security fix *)
kde/bluedevil-5.26.3.1-x86_64-1.txz:  Upgraded.
kde/breeze-5.26.3.1-x86_64-1.txz:  Upgraded.
kde/oxygen-sounds-5.26.3.1-x86_64-1.txz:  Upgraded.
l/gdk-pixbuf2-2.42.10-x86_64-1.txz:  Upgraded.
l/orc-0.4.33-x86_64-1.txz:  Upgraded.
n/mobile-broadband-provider-info-20221107-x86_64-1.txz:  Upgraded.
xfce/xfce4-settings-4.16.4-x86_64-1.txz:  Upgraded.
  Fixed an argument injection vulnerability in xfce4-mime-helper.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-45062
  (* Security fix *)
---
 ChangeLog.rss | 36 ++++++++++++++++++++++++++++++++++--
 1 file changed, 34 insertions(+), 2 deletions(-)

(limited to 'ChangeLog.rss')

diff --git a/ChangeLog.rss b/ChangeLog.rss
index 7ba04e475..48fabbb78 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,9 +11,41 @@
       <description>Tracking Slackware development in git.</description>
       <language>en-us</language>
       <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Tue,  8 Nov 2022 22:21:43 GMT</pubDate>
-      <lastBuildDate>Wed,  9 Nov 2022 06:00:16 GMT</lastBuildDate>
+      <pubDate>Wed,  9 Nov 2022 22:16:30 GMT</pubDate>
+      <lastBuildDate>Thu, 10 Nov 2022 06:00:15 GMT</lastBuildDate>
       <generator>maintain_current_git.sh v 1.17</generator>
+      <item>
+         <title>Wed,  9 Nov 2022 22:16:30 GMT</title>
+         <pubDate>Wed,  9 Nov 2022 22:16:30 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20221109221630</link>
+         <guid isPermaLink="false">20221109221630</guid>
+         <description>
+           <![CDATA[<pre>
+a/btrfs-progs-6.0.1-x86_64-1.txz:  Upgraded.
+ap/sysstat-12.7.1-x86_64-1.txz:  Upgraded.
+  On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,
+  allocate_structures contains a size_t overflow in sa_common.c. The
+  allocate_structures function insufficiently checks bounds before arithmetic
+  multiplication, allowing for an overflow in the size allocated for the
+  buffer representing system activities.
+  This issue may lead to Remote Code Execution (RCE). 
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2022-39377
+  (* Security fix *)
+kde/bluedevil-5.26.3.1-x86_64-1.txz:  Upgraded.
+kde/breeze-5.26.3.1-x86_64-1.txz:  Upgraded.
+kde/oxygen-sounds-5.26.3.1-x86_64-1.txz:  Upgraded.
+l/gdk-pixbuf2-2.42.10-x86_64-1.txz:  Upgraded.
+l/orc-0.4.33-x86_64-1.txz:  Upgraded.
+n/mobile-broadband-provider-info-20221107-x86_64-1.txz:  Upgraded.
+xfce/xfce4-settings-4.16.4-x86_64-1.txz:  Upgraded.
+  Fixed an argument injection vulnerability in xfce4-mime-helper.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2022-45062
+  (* Security fix *)
+           </pre>]]>
+         </description>
+      </item>
       <item>
          <title>Tue,  8 Nov 2022 22:21:43 GMT</title>
          <pubDate>Tue,  8 Nov 2022 22:21:43 GMT</pubDate>
-- 
cgit v1.2.3-79-gdb01