Documentation/Tests for CVE-2014-2972 fix

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 8dda80a10c50e82703084ee5775d990094b11e34..61086c7e254ae90872eb640b6b8e21c4938b0b3b 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -148,6 +148,12 @@ PP/02 Fix internal collision of T_APL on systems which support RFC3123
       by renaming away from it.  Addresses GH issue 15, reported by
       Jasper Wallace.
 
+JH/28 Fix parsing of MIME headers for parameters with quoted semicolons.
+
+TL/15 SECURITY: prevent double expansion in math comparison functions
+      (can expand unsanitized data). Not remotely exploitable.
+      CVE-2014-2972
+
 
 Exim version 4.82
 -----------------