Document CVE assignment for Berkeley DB issue

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index ecb6b33a975abc406307de166970943a8e0b6b5b..a8a93d5ed072ab2201fd135d2406ae4a29f19982 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -126,7 +126,7 @@ JH/18 Prebuild the data-structure for "builtin" macros, for faster startup.
 JH/19 Bug 2141: Use the full-complex API for Berkeley DB rather than the legacy-
       compatible one, to avoid the (poorly documented) possibility of a config
       file in the working directory redirecting the DB files, possibly correpting
-      some existing file.
+      some existing file.  CVE-2017-10140 assigned for BDB.
 
 JH/20 Bug 2147: Do not defer for a verify-with-callout-and-random which is not
       cache-hot.  Previously, although the result was properly cached, the
@@ -141,6 +141,9 @@ JH/22 Retire historical build files to an "unsupported" subdir.  These are
 JH/23 DKIM: enforce the DNS pubkey record "h" permitted-hashes optional field,
       if present.  Previously it was ignored.
 
+JH/24 Start using specified-initialisers in C structure init coding.  This is
+      a C99 feature (it's 2017, so now considered safe).
+
 
 Exim version 4.89
 -----------------