1 files changed, 29 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index aa6736e2f..9e5d5179b 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,32 @@
+Wed Jan 23 04:39:04 UTC 2019
+a/kernel-generic-4.19.17-x86_64-1.txz:  Upgraded.
+a/kernel-huge-4.19.17-x86_64-1.txz:  Upgraded.
+a/kernel-modules-4.19.17-x86_64-1.txz:  Upgraded.
+d/kernel-headers-4.19.17-x86-1.txz:  Upgraded.
+d/scons-3.0.4-x86_64-1.txz:  Upgraded.
+d/vala-0.42.5-x86_64-1.txz:  Upgraded.
+k/kernel-source-4.19.17-noarch-1.txz:  Upgraded.
+n/httpd-2.4.38-x86_64-1.txz:  Upgraded.
+  This release contains security fixes and improvements.
+  mod_session: mod_session_cookie does not respect expiry time allowing
+  sessions to be reused.  [Hank Ibell]
+  mod_http2: fixes a DoS attack vector. By sending slow request bodies
+  to resources not consuming them, httpd cleanup code occupies a server
+  thread unnecessarily. This was changed to an immediate stream reset
+  which discards all stream state and incoming data.  [Stefan Eissing]
+  mod_ssl: Fix infinite loop triggered by a client-initiated
+  renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and
+  later.  PR 63052.  [Joe Orton]
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17199
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17189
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0190
+  (* Security fix *)
+x/libdrm-2.4.97-x86_64-1.txz:  Upgraded.
+isolinux/initrd.img:  Rebuilt.
+kernels/*:  Upgraded.
+usb-and-pxe-installers/usbboot.img:  Rebuilt.
++--------------------------+
 Tue Jan 22 01:38:43 UTC 2019
 a/btrfs-progs-4.20-x86_64-1.txz:  Upgraded.
 a/kernel-firmware-20190118_a8b75ca-noarch-1.txz:  Upgraded.