From ff3b814028dc082b519c9337103727ace8641cad Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Thu, 19 Dec 2019 23:02:54 +0000
Subject: Thu Dec 19 23:02:54 UTC 2019

d/cmake-3.16.2-x86_64-1.txz:  Upgraded.
d/rust-1.40.0-x86_64-1.txz:  Upgraded.
  Package debloating patches are no longer needed.
  No build regressions noted with Firefox, Seamonkey, or Thunderbird.
l/glib2-2.62.4-x86_64-1.txz:  Upgraded.
l/imagemagick-7.0.9_9-x86_64-1.txz:  Upgraded.
l/wavpack-5.2.0-x86_64-1.txz:  Upgraded.
  Fixed denial-of-service and other potential security issues.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19840
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19841
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10536
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10537
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10538
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10539
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10540
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7254
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7253
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6767
  (* Security fix *)
n/bind-9.14.9-x86_64-1.txz:  Upgraded.
  This is a bugfix release:
  Fixed a bug that caused named to leak memory on reconfiguration when
  any GeoIP2 database was in use. [GL #1445]
  Fixed several possible race conditions discovered by Thread Sanitizer.
n/mutt-1.13.2-x86_64-1.txz:  Upgraded.
n/php-7.4.1-x86_64-1.txz:  Upgraded.
  This update fixes bugs and security issues:
  Bcmath: Buffer underflow in bc_shift_addsub.
  Core: link() silently truncates after a null byte on Windows.
  Core: DirectoryIterator class silently truncates after a null byte.
  Core: mail() may release string with refcount==1 twice.
  EXIF: Use-after-free in exif parsing under memory sanitizer.
  EXIF: Heap-buffer-overflow READ in exif.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11044
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11049
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047
  (* Security fix *)
x/intel-vaapi-driver-2.4.0-x86_64-1.txz:  Upgraded.
x/vulkan-sdk-1.1.126.0-x86_64-2.txz:  Rebuilt.
  Install SPIRV headers in two places to fix building shaderc.
  Thanks to orbea.
xfce/exo-0.12.11-x86_64-1.txz:  Upgraded.
---
 ChangeLog.txt | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)

(limited to 'ChangeLog.txt')

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 9041fee27..efd678cb0 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,52 @@
+Thu Dec 19 23:02:54 UTC 2019
+d/cmake-3.16.2-x86_64-1.txz:  Upgraded.
+d/rust-1.40.0-x86_64-1.txz:  Upgraded.
+  Package debloating patches are no longer needed.
+  No build regressions noted with Firefox, Seamonkey, or Thunderbird.
+l/glib2-2.62.4-x86_64-1.txz:  Upgraded.
+l/imagemagick-7.0.9_9-x86_64-1.txz:  Upgraded.
+l/wavpack-5.2.0-x86_64-1.txz:  Upgraded.
+  Fixed denial-of-service and other potential security issues.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19840
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19841
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10536
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10537
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10538
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10539
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10540
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7254
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7253
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6767
+  (* Security fix *)
+n/bind-9.14.9-x86_64-1.txz:  Upgraded.
+  This is a bugfix release:
+  Fixed a bug that caused named to leak memory on reconfiguration when
+  any GeoIP2 database was in use. [GL #1445]
+  Fixed several possible race conditions discovered by Thread Sanitizer.
+n/mutt-1.13.2-x86_64-1.txz:  Upgraded.
+n/php-7.4.1-x86_64-1.txz:  Upgraded.
+  This update fixes bugs and security issues:
+  Bcmath: Buffer underflow in bc_shift_addsub.
+  Core: link() silently truncates after a null byte on Windows.
+  Core: DirectoryIterator class silently truncates after a null byte.
+  Core: mail() may release string with refcount==1 twice.
+  EXIF: Use-after-free in exif parsing under memory sanitizer.
+  EXIF: Heap-buffer-overflow READ in exif.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11046
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11044
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11045
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11049
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11050
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11047
+  (* Security fix *)
+x/intel-vaapi-driver-2.4.0-x86_64-1.txz:  Upgraded.
+x/vulkan-sdk-1.1.126.0-x86_64-2.txz:  Rebuilt.
+  Install SPIRV headers in two places to fix building shaderc.
+  Thanks to orbea.
+xfce/exo-0.12.11-x86_64-1.txz:  Upgraded.
++--------------------------+
 Wed Dec 18 20:32:12 UTC 2019
 a/kernel-firmware-20191218_c4586ff-noarch-1.txz:  Upgraded.
 a/kernel-generic-5.4.5-x86_64-1.txz:  Upgraded.
-- 
cgit v1.2.3