From 4dd4f47b2c102c8bc2fbb9403eb80808ea4c7b29 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Tue, 17 Aug 2021 20:08:40 +0000
Subject: Tue Aug 17 20:08:40 UTC 2021

a/aaa_glibc-solibs-2.33-x86_64-4.txz:  Rebuilt.
a/util-linux-2.37.2-x86_64-1.txz:  Upgraded.
d/git-2.33.0-x86_64-1.txz:  Upgraded.
d/vala-0.52.5-x86_64-1.txz:  Upgraded.
l/gexiv2-0.12.3-x86_64-1.txz:  Upgraded.
l/glibc-2.33-x86_64-4.txz:  Rebuilt.
  In librt, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain
  NOTIFY_REMOVED data, leading to a NULL pointer dereference.
  NOTE: this vulnerability was introduced as a side effect of the
  CVE-2021-33574 fix.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
  (* Security fix *)
l/glibc-i18n-2.33-x86_64-4.txz:  Rebuilt.
l/glibc-profile-2.33-x86_64-4.txz:  Rebuilt.
l/libcap-2.53-x86_64-1.txz:  Upgraded.
l/python2-module-collection-2.7.18-x86_64-5.txz:  Rebuilt.
  Added dbus-python-1.2.16.
n/ModemManager-1.16.10-x86_64-1.txz:  Upgraded.
n/NetworkManager-1.32.8-x86_64-1.txz:  Upgraded.
n/stunnel-5.60-x86_64-1.txz:  Upgraded.
xap/mozilla-firefox-91.0.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.0.1/releasenotes/
    https://www.mozilla.org/security/advisories/mfsa2021-37/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29991
  (* Security fix *)
xap/mozilla-thunderbird-91.0.1-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.0.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2021-37/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29991
  (* Security fix *)
---
 ChangeLog.txt | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

(limited to 'ChangeLog.txt')

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 1865ef89d..22cc9b000 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,40 @@
+Tue Aug 17 20:08:40 UTC 2021
+a/aaa_glibc-solibs-2.33-x86_64-4.txz:  Rebuilt.
+a/util-linux-2.37.2-x86_64-1.txz:  Upgraded.
+d/git-2.33.0-x86_64-1.txz:  Upgraded.
+d/vala-0.52.5-x86_64-1.txz:  Upgraded.
+l/gexiv2-0.12.3-x86_64-1.txz:  Upgraded.
+l/glibc-2.33-x86_64-4.txz:  Rebuilt.
+  In librt, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain
+  NOTIFY_REMOVED data, leading to a NULL pointer dereference.
+  NOTE: this vulnerability was introduced as a side effect of the
+  CVE-2021-33574 fix.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
+  (* Security fix *)
+l/glibc-i18n-2.33-x86_64-4.txz:  Rebuilt.
+l/glibc-profile-2.33-x86_64-4.txz:  Rebuilt.
+l/libcap-2.53-x86_64-1.txz:  Upgraded.
+l/python2-module-collection-2.7.18-x86_64-5.txz:  Rebuilt.
+  Added dbus-python-1.2.16.
+n/ModemManager-1.16.10-x86_64-1.txz:  Upgraded.
+n/NetworkManager-1.32.8-x86_64-1.txz:  Upgraded.
+n/stunnel-5.60-x86_64-1.txz:  Upgraded.
+xap/mozilla-firefox-91.0.1-x86_64-1.txz:  Upgraded.
+  This release contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/firefox/91.0.1/releasenotes/
+    https://www.mozilla.org/security/advisories/mfsa2021-37/
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29991
+  (* Security fix *)
+xap/mozilla-thunderbird-91.0.1-x86_64-1.txz:  Upgraded.
+  This release contains security fixes and improvements.
+  For more information, see:
+    https://www.mozilla.org/en-US/thunderbird/91.0.1/releasenotes/
+    https://www.mozilla.org/en-US/security/advisories/mfsa2021-37/
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29991
+  (* Security fix *)
++--------------------------+
 Mon Aug 16 05:28:16 UTC 2021
 Hey everyone, long time no see! No, I wasn't out fishing. Sadly, I haven't had
 a fishing rod in my hand (or even a fishing license in my wallet) for this
-- 
cgit v1.2.3