Check query strings of query-style lookups for quoting. Bug 2850

[exim.git] / doc / doc-txt / NewStuff

diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 394eb144d224b5c6c0b63d5e7a770c2a41695cdd..730508adc944d618d08c338920a96b14d3023cf9 100644 (file)
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -19,6 +19,9 @@ Version 4.96
 
  5. The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
 
+ 6. Query-style lookups are now checked for quoting, if the query string is
+    built using untrusted data ("tainted").  For now lack of quoting is merely
+    logged; a future release will upgrade this to an error.
 
 Version 4.95
 ------------