git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Tests compat. setgid failure / dropped_privilege
[exim.git]
/
doc
/
doc-txt
/
ChangeLog
diff --git
a/doc/doc-txt/ChangeLog
b/doc/doc-txt/ChangeLog
index ff375d39898aeaa36c454b9ca0010fe0d7e41898..a1bd4e7fca8f6057257240b217eb7a15f8051de9 100644
(file)
--- a/
doc/doc-txt/ChangeLog
+++ b/
doc/doc-txt/ChangeLog
@@
-32,6
+32,11
@@
PP/03 Report version information for many libraries, including
version.h, now support a version extension string for distributors
who patch heavily. Dynamic module ABI change.
version.h, now support a version extension string for distributors
who patch heavily. Dynamic module ABI change.
+PP/04 CVE-2011-0017 - check return value of setuid/setgid. This is a
+ privilege escalation vulnerability whereby the Exim run-time user
+ can cause root to append content of the attacker's choosing to
+ arbitrary files.
+
Exim version 4.73
-----------------
Exim version 4.73
-----------------
git://git.exim.org / exim.git / blobdiff