- 5. Tainted data used for a query-style lookup should be quoted using the
- expansion item for the lookup type. If not, a warning will be written to
- the main and panic logs. A future release will enforce this by failing
- the lookup.
+ 5. The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
+
+ 6. Query-style lookups are now checked for quoting, if the query string is
+ built using untrusted data ("tainted"). For now lack of quoting is merely
+ logged; a future release will upgrade this to an error.