Avoid re-expansion in ${sort } CVE-2019-13917 OVE-20190718-0006

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 73fefdeb30b410b9b9c421df184810181d9659a8..a5b58f78130ad4ef852d8b95373bb6f58c4be290 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -71,6 +71,17 @@ JH/27 Bug 2404: Use the main-section configuration option "dsn_from" for
 
 PP/01 Unbreak heimdal_gssapi, broken in 4.92.
 
+JH/29 Fix DSN Final-Recipient: field.  Previously it was the post-routing
+      delivery address, which leaked information of the results of local
+      forwarding.  Change to the original envelope recipient address, per
+      standards.
+
+JH/30 Bug 2411: Fix DSN generation when RFC 3461 failure notification is
+      requested.  Previously not bounce was generated and a log entry of
+      error ignored was made.
+
+JH/31 Avoid re-expansion in ${sort } expansion. (CVE-2019-13917, OVE-20190718-0006)
+
 
 Exim version 4.92
 -----------------