1 files changed, 33 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index b1c9521f1..14eb4da02 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,36 @@
+Wed Jun 24 20:06:50 UTC 2020
+ap/mariadb-10.5.4-x86_64-1.txz:  Upgraded.
+d/guile-3.0.4-x86_64-1.txz:  Upgraded.
+  Shared library .so-version bump.
+  Looks like the previous bump was a mistake:
+  This release fixes the SONAME of libguile-3.0.so, which was erroneously
+  bumped in 3.0.3 compared to 3.0.2. Distributions are strongly
+  encouraged to use 3.0.4 instead of 3.0.3.
+d/make-4.2.1-x86_64-7.txz:  Rebuilt.
+  Recompiled against guile-3.0.4.
+l/libjpeg-turbo-2.0.5-x86_64-1.txz:  Upgraded.
+  This update fixes bugs and a security issue:
+  Fixed an issue in the PPM reader that caused a buffer overrun in cjpeg,
+  TJBench, or the `tjLoadImage()` function if one of the values in a binary
+  PPM/PGM input file exceeded the maximum value defined in the file's header
+  and that maximum value was less than 255.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790
+  (* Security fix *)
+n/ModemManager-1.14.0-x86_64-1.txz:  Upgraded.
+n/curl-7.71.0-x86_64-1.txz:  Upgraded.
+  This update fixes security issues:
+  curl overwrite local file with -J [111]
+  Partial password leak over DNS on HTTP redirect [48]
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
+  (* Security fix *)
+n/gnutls-3.6.14-x86_64-3.txz:  Rebuilt.
+  Recompiled against guile-3.0.4.
+n/mutt-1.14.5-x86_64-1.txz:  Upgraded.
+x/libwacom-1.4-x86_64-1.txz:  Upgraded.
++--------------------------+
 Tue Jun 23 21:49:49 UTC 2020
 ap/man-db-2.9.3-x86_64-1.txz:  Upgraded.
 ap/mariadb-10.4.13-x86_64-3.txz:  Rebuilt.