git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Chunking: do not treat the first lonely dot special. CVE-2017-16944, Bug 2201
[exim.git]
/
doc
/
doc-txt
/
ChangeLog
diff --git
a/doc/doc-txt/ChangeLog
b/doc/doc-txt/ChangeLog
index a2d9339c13daeeb41a5f25162e4da03cea9958bc..541ebaf544b8998cd59712d0b5135d9032969429 100644
(file)
--- a/
doc/doc-txt/ChangeLog
+++ b/
doc/doc-txt/ChangeLog
@@
-61,7
+61,11
@@
JH/30 Fix a logging bug on aarch64: an unsafe routine was previously used for
JH/34 Bug 2199: fix a use-after-free while reading smtp input for header lines.
A crafted sequence of BDAT commands could result in in-use memory beeing
JH/34 Bug 2199: fix a use-after-free while reading smtp input for header lines.
A crafted sequence of BDAT commands could result in in-use memory beeing
- freed.
+ freed. CVE-2017-16943.
+
+HS/03 Bug 2201: Fix checking for leading-dot on a line during headers reading
+ from SMTP input. Previously it was always done; now only done for DATA
+ and not BDAT commands. CVE-2017-16944.
Exim version 4.89
Exim version 4.89