Fix base64d() buffer size (CVE-2018-6789)

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 22f65c8724f7eb08265d65bd476f6146432daaef..970ec07329201912a951679a81b5cbfa4b965b08 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -5,8 +5,8 @@ affect Exim's operation, with an unchanged configuration file.  For new
 options, and new features, see the NewStuff file next to this ChangeLog.
 
 
 options, and new features, see the NewStuff file next to this ChangeLog.
 
 

-Since Exim version 4.90
------------------
+Exim version 4.90.1
+-------------------

 
 JH/03 Fix pgsql lookup for multiple result-tuples with a single column.
       Previously only the last row was returned.
 
 JH/03 Fix pgsql lookup for multiple result-tuples with a single column.
       Previously only the last row was returned.


@@ -58,6 +58,15 @@ JH/14 Bug 2174: A timeout on connect for a callout was also erroneously seen as
       was marked defer_ok.  Fix to keep the two timeout-detection methods
       separate.
 
       was marked defer_ok.  Fix to keep the two timeout-detection methods
       separate.
 

+HS/01 Fix Buffer overflow in base64d() (CVE-2018-6789)
+
+JH/16 Fix bug in DKIM verify: a buffer overflow could corrupt the malloc
+      metadata, resulting in a crash in free().
+
+PP/01 Fix broken Heimdal GSSAPI authenticator integration.
+      Broken in f2ed27cf5, missing an equals sign for specified-initialisers.
+      Broken also in d185889f4, with init system revamp.
+

 
 Exim version 4.90
 -----------------
 
 Exim version 4.90
 -----------------