git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Don't open spool data-files which are symlinks
[exim.git]
/
doc
/
doc-txt
/
ChangeLog
diff --git
a/doc/doc-txt/ChangeLog
b/doc/doc-txt/ChangeLog
index d9b77804bd1cfcbe5876942f7ad1c53657e5f39e..d99b2684ac79186ce49d508c95496bd96fc729e6 100644
(file)
--- a/
doc/doc-txt/ChangeLog
+++ b/
doc/doc-txt/ChangeLog
@@
-29,6
+29,9
@@
JH/05 Bug 2273: Cutthrough delivery left a window where the received messsage
add more error-checking on spoolfile handling while that code is being
messed with.
+PP/01 Refuse to open a spool data file (*-D) if it's a symlink.
+ No known attacks, no CVE, this is defensive hardening.
+
Exim version 4.91
-----------------
git://git.exim.org / exim.git / blobdiff