Avoid exposing passwords in log, on failing ldap lookup expansion. Bug 165

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 43009011fec675234d783748e9e47322f0e0f6ae..3bf6fc9080adee7596ce19e75d1085e758619d68 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -23,6 +23,12 @@ JH/03 Upgrade security requirements imposed for hosts_try_dane: previously
 JH/04 Bug 1810: make continued-use of an open smtp transport connection
       non-noisy when a race steals the message being considered.
 
+JH/05 If main configuration option tls_certificate is unset, generate a
+      selfsigned certificate for inbound TLS connections.
+
+JH/06 Bug 165: hide more cases of password exposure - this time in expansions
+      in rewrites and routers.
+
 
 Exim version 4.87
 -----------------