1 files changed, 60 insertions, 2 deletions

diff --git a/ChangeLog.rss b/ChangeLog.rss
index 1687963db..29a6e5bb8 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,10 +11,68 @@
       <description>Tracking Slackware development in git.</description>
       <language>en-us</language>
       <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Mon, 18 May 2020 23:30:26 GMT</pubDate>
-      <lastBuildDate>Tue, 19 May 2020 06:59:47 GMT</lastBuildDate>
+      <pubDate>Tue, 19 May 2020 19:47:49 GMT</pubDate>
+      <lastBuildDate>Wed, 20 May 2020 06:59:58 GMT</lastBuildDate>
       <generator>maintain_current_git.sh v 1.11</generator>
       <item>
+         <title>Tue, 19 May 2020 19:47:49 GMT</title>
+         <pubDate>Tue, 19 May 2020 19:47:49 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20200519194749</link>
+         <guid isPermaLink="false">20200519194749</guid>
+         <description>
+           <![CDATA[<pre>
+a/shadow-4.8.1-x86_64-8.txz:  Rebuilt.
+  It seems that /etc/suauth is not supported when PAM is in use, even if
+  configure.ac is hacked to enable it. I've removed the man pages for it,
+  and would suggest using sudo as a replacement.
+l/libexif-0.6.22-x86_64-1.txz:  Upgraded.
+  This update fixes bugs and security issues:
+  CVE-2018-20030: Fix for recursion DoS
+  CVE-2020-13114: Time consumption DoS when parsing canon array markers
+  CVE-2020-13113: Potential use of uninitialized memory
+  CVE-2020-13112: Various buffer overread fixes due to integer overflows
+                  in maker notes
+  CVE-2020-0093:  read overflow
+  CVE-2019-9278:  replaced integer overflow checks the compiler could
+                  optimize away by safer constructs
+  CVE-2020-12767: fixed division by zero
+  CVE-2016-6328:  fixed integer overflow when parsing maker notes
+  CVE-2017-7544:  fixed buffer overread
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20030
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13114
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13113
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13112
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0093
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12767
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544
+  (* Security fix *)
+l/oniguruma-6.9.5_rev1-x86_64-2.txz:  Rebuilt.
+  Rebuilt with --enable-posix-api. Thanks to MisterL.
+l/python-packaging-20.4-x86_64-1.txz:  Upgraded.
+n/bind-9.16.3-x86_64-1.txz:  Upgraded.
+  This update fixes a security issue:
+  A malicious actor who intentionally exploits the lack of effective
+  limitation on the number of fetches performed when processing referrals
+  can, through the use of specially crafted referrals, cause a recursing
+  server to issue a very large number of fetches in an attempt to process
+  the referral. This has at least two potential effects: The performance of
+  the recursing server can potentially be degraded by the additional work
+  required to perform these fetches, and the attacker can exploit this
+  behavior to use the recursing server as a reflector in a reflection attack
+  with a high amplification factor.
+  For more information, see:
+    https://kb.isc.org/docs/cve-2020-8616
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616
+  (* Security fix *)
+x/fontconfig-2.13.92-x86_64-1.txz:  Upgraded.
+x/xf86-input-libinput-0.30.0-x86_64-1.txz:  Upgraded.
+           </pre>]]>
+         </description>
+      </item>
+      <item>
          <title>Mon, 18 May 2020 23:30:26 GMT</title>
          <pubDate>Mon, 18 May 2020 23:30:26 GMT</pubDate>
          <link>https://git.slackware.nl/current/tag/?h=20200518233026</link>