git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
redirect router: taint-enforce filenames
[exim.git]
/
doc
/
doc-txt
/
ChangeLog
diff --git
a/doc/doc-txt/ChangeLog
b/doc/doc-txt/ChangeLog
index 2b5b592c5a5de145cb27a43fe7eaea687ef72dec..33381d5583258e8ce1b0590a1fad1536adb989f9 100644
(file)
--- a/
doc/doc-txt/ChangeLog
+++ b/
doc/doc-txt/ChangeLog
@@
-87,6
+87,12
@@
JH/19 Bug 2507: Modules: on handling a dynamic-module (lookups) open failure,
were used, and the second one (for mainlog/paniclog) retrieved null
information.
were used, and the second one (for mainlog/paniclog) retrieved null
information.
+JH/20 Taint checking: disallow use of tainted data for
+ - the appendfile transport file and directory options
+ - the pipe transport command
+ - file names used by the redirect router (including filter files)
+ Previously this was permitted.
+
Exim version 4.93
-----------------
Exim version 4.93
-----------------