Tue Feb 1 08:27:47 UTC 202220220201082747

kde/kate-21.12.1-x86_64-2.txz:  Rebuilt.
  Fix missing validation of binaries executed via QProcess.
  Thanks to Heinz Wiesinger.
  For more information, see:
    https://kde.org/info/security/advisory-20220131-1.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
  (* Security fix *)

1 files changed, 18 insertions, 0 deletions

diff --git a/ChangeLog.txt b/ChangeLog.txt
index 334fea06..7ef64dbd 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,21 @@
+Tue Feb  1 08:27:47 UTC 2022
+kde/kate-21.12.1-x86_64-2.txz:  Rebuilt.
+  Fix missing validation of binaries executed via QProcess.
+  Thanks to Heinz Wiesinger.
+  For more information, see:
+    https://kde.org/info/security/advisory-20220131-1.txt
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
+  (* Security fix *)
++--------------------------+
+Tue Feb  1 05:35:21 UTC 2022
+Hey, my shiny brass lamp is almost out of fuel!
+a/rpm2tgz-1.2.2-x86_64-6.txz:  Rebuilt.
+  Don't use --no-absolute-filenames, because inexplicably it also strips the
+  leading '/' from symlink targets, generally creating a broken symlink.
+  The problem we were attempting to fix is far less common than symlinks to
+  absolute filenames, so we'll revert this for further consideration.
+  Thanks to pghvlaans.
++--------------------------+
 Tue Feb  1 04:37:04 UTC 2022
 The sepulchral voice intones, "The cave is now closed."
 kde/falkon-3.2.0-x86_64-1.txz:  Upgraded.