From f15788ee2781864cc9d7d1f83d7ba7f476cc50e3fea6963fc1f768d897cfe302 Mon Sep 17 00:00:00 2001
From: Fridrich Strba <fstrba@suse.com>
Date: Fri, 1 Mar 2024 19:58:58 +0000
Subject: [PATCH] OBS-URL:
 https://build.opensuse.org/package/show/Java:packages/xmlgraphics-batik?expand=0&rev=67

---
 xmlgraphics-batik.changes | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/xmlgraphics-batik.changes b/xmlgraphics-batik.changes
index 008a6b5..21ac244 100644
--- a/xmlgraphics-batik.changes
+++ b/xmlgraphics-batik.changes
@@ -8,9 +8,10 @@ Fri Mar  1 19:02:03 UTC 2024 - Fridrich Strba <fstrba@suse.com>
     (CVE-2022-44729)
 - Upgrade to version 1.16
   * Java 8 or later is minimum runtime required
-  * BATIK-1338: Block loading jar inside svg (CVE-2022-41704)
+  * BATIK-1338: Block loading jar inside svg (CVE-2022-41704,
+    bsc#1204704)
   * BATIK-1345: Restrict what java classes can be run thru rhino
-    (CVE-2022-42890)
+    (CVE-2022-42890, bsc#1204709)
 - Removed patch:
   * xmlgraphics-batik-nosourcetarget.patch
     + not needed since Java 8 compatibility is now the default