Wed Mar 27 19:16:09 UTC 202420240327191609_15.0

patches/packages/curl-8.7.1-x86_64-1_slack15.0.txz:  Upgraded.
  This release fixes the following security issues:
  TLS certificate check bypass with mbedTLS.
  HTTP/2 push headers memory-leak.
  QUIC certificate check bypass with wolfSSL.
  Usage of disabled protocol.
  For more information, see:
    https://curl.se/docs/CVE-2024-2466.html
    https://curl.se/docs/CVE-2024-2398.html
    https://curl.se/docs/CVE-2024-2379.html
    https://curl.se/docs/CVE-2024-2004.html
    https://www.cve.org/CVERecord?id=CVE-2024-2466
    https://www.cve.org/CVERecord?id=CVE-2024-2398
    https://www.cve.org/CVERecord?id=CVE-2024-2379
    https://www.cve.org/CVERecord?id=CVE-2024-2004
  (* Security fix *)

1 files changed, 18 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 7d27d32a9..6ce5574b5 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,21 @@
+Wed Mar 27 19:16:09 UTC 2024
+patches/packages/curl-8.7.1-x86_64-1_slack15.0.txz:  Upgraded.
+  This release fixes the following security issues:
+  TLS certificate check bypass with mbedTLS.
+  HTTP/2 push headers memory-leak.
+  QUIC certificate check bypass with wolfSSL.
+  Usage of disabled protocol.
+  For more information, see:
+    https://curl.se/docs/CVE-2024-2466.html
+    https://curl.se/docs/CVE-2024-2398.html
+    https://curl.se/docs/CVE-2024-2379.html
+    https://curl.se/docs/CVE-2024-2004.html
+    https://www.cve.org/CVERecord?id=CVE-2024-2466
+    https://www.cve.org/CVERecord?id=CVE-2024-2398
+    https://www.cve.org/CVERecord?id=CVE-2024-2379
+    https://www.cve.org/CVERecord?id=CVE-2024-2004
+  (* Security fix *)
++--------------------------+
 Sun Mar 24 18:21:46 UTC 2024
 patches/packages/emacs-29.3-x86_64-1_slack15.0.txz:  Upgraded.
   GNU Emacs through 28.2 allows attackers to execute commands via shell