string.c: do not interpret '\\' before '\0' (CVE-2019-15846)

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index e2dd71b2b055b522887fa883998c6403d215101d..3bc992d4d7c35f7701810f62db0d1bfe67e6a00a 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -4,6 +4,17 @@ This document describes *changes* to previous versions, that might
 affect Exim's operation, with an unchanged configuration file.  For new
 options, and new features, see the NewStuff file next to this ChangeLog.
 
+Exim version 4.92.2
+-------------------
+
+HS/01 Handle trailing backslash gracefully. (CVE-2019-15846)
+
+
+Exim version 4.92.1
+-------------------
+
+JH/31 Avoid re-expansion in ${sort } expansion. (CVE-2019-13917, OVE-20190718-0006)
+
 
 Exim version 4.92
 -----------------
@@ -191,6 +202,9 @@ JH/41 Fix the loop reading a message header line to check for integer overflow,
       and more-often against header_maxsize.  Previously a crafted message could
       induce a crash of the recive process; now the message is cleanly rejected.
 
+JH/42 Bug 2366: Fix the behaviour of the dkim_verify_signers option.  It had
+      been totally disabled for all of 4.91.  Discovery and fix by "Mad Alex".
+
 
 Exim version 4.91
 -----------------