summaryrefslogtreecommitdiff
path: root/ChangeLog.txt
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt23
1 files changed, 23 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 7c0ba71a..4e1de8a3 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,26 @@
+Sat Sep 22 22:41:41 UTC 2018
+a/eudev-3.2.6-x86_64-2.txz: Rebuilt.
+ Removed unneeded groups "render" and "kvm" from 50-udev-default.rules.
+ Thanks to Richard David Sherman.
+a/grub-2.02-x86_64-4.txz: Rebuilt.
+ Applied a patch needed when compiling with recent binutils. Thanks to ivandi.
+d/parallel-20180922-noarch-1.txz: Upgraded.
+x/xterm-337-x86_64-1.txz: Upgraded.
+xap/mozilla-firefox-60.2.1esr-x86_64-1.txz: Upgraded.
+ This release contains security fixes and improvements.
+ A potentially exploitable crash in TransportSecurityInfo used for SSL
+ can be triggered by data stored in the local cache in the user profile
+ directory. This issue is only exploitable in combination with another
+ vulnerability allowing an attacker to write data into the local cache
+ or from locally installed malware. This issue also triggers a
+ non-exploitable startup crash for users switching between the Nightly
+ and Release versions of Firefox if the same profile is used.
+ For more information, see:
+ https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
+ (* Security fix *)
++--------------------------+
Fri Sep 21 18:51:07 UTC 2018
a/eudev-3.2.6-x86_64-1.txz: Upgraded.
a/glibc-solibs-2.28-x86_64-2.txz: Upgraded.