summaryrefslogtreecommitdiffstats
path: root/ChangeLog.txt
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r--ChangeLog.txt27
1 files changed, 27 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 6ebfc5eea..d1a43af16 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,30 @@
+Wed Feb 28 18:36:48 UTC 2024
+d/parallel-20240222-noarch-1.txz: Upgraded.
+kde/krita-5.2.2-x86_64-4.txz: Rebuilt.
+ Recompiled against libunibreak-6.0.
+l/accountsservice-23.13.9-x86_64-1.txz: Upgraded.
+ Thanks to reddog83.
+l/libass-0.17.1-x86_64-2.txz: Rebuilt.
+ Recompiled against libunibreak-6.0.
+l/libunibreak-6.0-x86_64-1.txz: Upgraded.
+ Shared library .so-version bump.
+l/orc-0.4.38-x86_64-1.txz: Upgraded.
+l/python-requests-2.31.0-x86_64-1.txz: Upgraded.
+l/python-urllib3-2.2.1-x86_64-1.txz: Upgraded.
+l/qt6-6.6.2_20240210_15b7e743-x86_64-1.txz: Added.
+n/wpa_supplicant-2.10-x86_64-3.txz: Rebuilt.
+ Patched the implementation of PEAP in wpa_supplicant to prevent an
+ authentication bypass. For a successful attack, wpa_supplicant must be
+ configured to not verify the network's TLS certificate during Phase 1
+ authentication, and an eap_peap_decrypt vulnerability can then be abused
+ to skip Phase 2 authentication. The attack vector is sending an EAP-TLV
+ Success packet instead of starting Phase 2. This allows an adversary to
+ impersonate Enterprise Wi-Fi networks.
+ For more information, see:
+ https://www.cve.org/CVERecord?id=CVE-2023-52160
+ (* Security fix *)
+xap/gparted-1.6.0-x86_64-1.txz: Upgraded.
++--------------------------+
Mon Feb 26 20:09:43 UTC 2024
a/mdadm-4.3-x86_64-1.txz: Upgraded.
a/pciutils-3.11.1-x86_64-1.txz: Upgraded.