1 files changed, 55 insertions, 2 deletions

diff --git a/ChangeLog.rss b/ChangeLog.rss
index 02785ad21..25a066324 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,10 +11,63 @@
       <description>Tracking Slackware development in git.</description>
       <language>en-us</language>
       <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Sun, 19 Dec 2021 18:57:11 GMT</pubDate>
-      <lastBuildDate>Sun, 19 Dec 2021 19:59:43 GMT</lastBuildDate>
+      <pubDate>Mon, 20 Dec 2021 19:41:32 GMT</pubDate>
+      <lastBuildDate>Tue, 21 Dec 2021 07:59:44 GMT</lastBuildDate>
       <generator>maintain_current_git.sh v 1.13</generator>
       <item>
+         <title>Mon, 20 Dec 2021 19:41:32 GMT</title>
+         <pubDate>Mon, 20 Dec 2021 19:41:32 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20211220194132</link>
+         <guid isPermaLink="false">20211220194132</guid>
+         <description>
+           <![CDATA[<pre>
+a/pkgtools-15.0-noarch-42.txz:  Rebuilt.
+  setup.services: list rc.nfsd. Suggested by alienBOB.
+l/expat-2.4.2-x86_64-1.txz:  Upgraded.
+l/gegl-0.4.34-x86_64-1.txz:  Upgraded.
+n/httpd-2.4.52-x86_64-1.txz:  Upgraded.
+  SECURITY: CVE-2021-44790: Possible buffer overflow when parsing
+  multipart content in mod_lua of Apache HTTP Server 2.4.51 and
+  earlier (cve.mitre.org)
+  A carefully crafted request body can cause a buffer overflow in
+  the mod_lua multipart parser (r:parsebody() called from Lua
+  scripts).
+  The Apache httpd team is not aware of an exploit for the
+  vulnerabilty though it might be possible to craft one.
+  This issue affects Apache HTTP Server 2.4.51 and earlier.
+  Credits: Chamal
+  SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in
+  forward proxy configurations in Apache HTTP Server 2.4.51 and
+  earlier (cve.mitre.org)
+  A crafted URI sent to httpd configured as a forward proxy
+  (ProxyRequests on) can cause a crash (NULL pointer dereference)
+  or, for configurations mixing forward and reverse proxy
+  declarations, can allow for requests to be directed to a
+  declared Unix Domain Socket endpoint (Server Side Request
+  Forgery).
+  This issue affects Apache HTTP Server 2.4.7 up to 2.4.51
+  (included).
+  Credits: ae 1/4*a-o(R)e 1/4
+  TengMA(@Te3t123)
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44790
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44224
+  (* Security fix *)
+xap/gimp-2.10.30-x86_64-1.txz:  Upgraded.
+xap/mozilla-thunderbird-91.4.1-x86_64-1.txz:  Upgraded.
+  This release contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/thunderbird/91.4.1/releasenotes/
+    https://www.mozilla.org/en-US/security/advisories/mfsa2021-55/
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4126
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44538
+  (* Security fix *)
+xap/xlockmore-5.68-x86_64-1.txz:  Upgraded.
+xap/xsnow-3.4.2-x86_64-1.txz:  Upgraded.
+           </pre>]]>
+         </description>
+      </item>
+      <item>
          <title>Sun, 19 Dec 2021 18:57:11 GMT</title>
          <pubDate>Sun, 19 Dec 2021 18:57:11 GMT</pubDate>
          <link>https://git.slackware.nl/current/tag/?h=20211219185711</link>