1 files changed, 23 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 7c0ba71ae..4e1de8a37 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,26 @@
+Sat Sep 22 22:41:41 UTC 2018
+a/eudev-3.2.6-x86_64-2.txz:  Rebuilt.
+  Removed unneeded groups "render" and "kvm" from 50-udev-default.rules.
+  Thanks to Richard David Sherman.
+a/grub-2.02-x86_64-4.txz:  Rebuilt.
+  Applied a patch needed when compiling with recent binutils. Thanks to ivandi.
+d/parallel-20180922-noarch-1.txz:  Upgraded.
+x/xterm-337-x86_64-1.txz:  Upgraded.
+xap/mozilla-firefox-60.2.1esr-x86_64-1.txz:  Upgraded.
+  This release contains security fixes and improvements.
+   A potentially exploitable crash in TransportSecurityInfo used for SSL
+   can be triggered by data stored in the local cache in the user profile
+   directory. This issue is only exploitable in combination with another
+   vulnerability allowing an attacker to write data into the local cache
+   or from locally installed malware. This issue also triggers a
+   non-exploitable startup crash for users switching between the Nightly
+   and Release versions of Firefox if the same profile is used.
+  For more information, see:
+    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
+    https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
+  (* Security fix *)
++--------------------------+
 Fri Sep 21 18:51:07 UTC 2018
 a/eudev-3.2.6-x86_64-1.txz:  Upgraded.
 a/glibc-solibs-2.28-x86_64-2.txz:  Upgraded.