From 90b9714d2f62f8500252c7f3f5281c0e3777541e Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Fri, 29 Mar 2024 02:25:21 +0000
Subject: Fri Mar 29 02:25:21 UTC 2024

a/coreutils-9.5-x86_64-1.txz:  Upgraded.
  chmod -R now avoids a race where an attacker may replace a traversed file
  with a symlink, causing chmod to operate on an unintended file.
  [This bug was present in "the beginning".]
  split --line-bytes with a mixture of very long and short lines no longer
  overwrites the heap.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2024-0684
  (* Security fix *)
---
 ChangeLog.txt | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'ChangeLog.txt')

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 49d56fb2d..1483ea341 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,14 @@
+Fri Mar 29 02:25:21 UTC 2024
+a/coreutils-9.5-x86_64-1.txz:  Upgraded.
+  chmod -R now avoids a race where an attacker may replace a traversed file
+  with a symlink, causing chmod to operate on an unintended file.
+  [This bug was present in "the beginning".]
+  split --line-bytes with a mixture of very long and short lines no longer
+  overwrites the heap.
+  For more information, see:
+    https://www.cve.org/CVERecord?id=CVE-2024-0684
+  (* Security fix *)
++--------------------------+
 Thu Mar 28 21:40:08 UTC 2024
 a/btrfs-progs-6.8-x86_64-1.txz:  Upgraded.
 a/gpm-1.20.7-x86_64-10.txz:  Rebuilt.
-- 
cgit v1.2.3