Ensure the value of $authenticated_id contains only printing characters.

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index e8884a29f30357f64e77f2ad5ac03900bc00e4f2..9aed3bb9073132c9be06f833e3e9da677068a210 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.125 2005/04/27 10:06:00 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.126 2005/04/27 10:55:20 ph10 Exp $
 
 Change log file for Exim from version 4.21
 -------------------------------------------
@@ -239,6 +239,12 @@ PH/38 Installed a patch from Ian Freislich, with the agreement of Tom Kistner.
 
 PH/39 Allow G after quota size as well as K and M.
 
+PH/40 The value set for $authenticated_id in an authenticator may not contain
+      binary zeroes or newlines because the value is written to log lines and
+      to spool files. There was no check on this. Now the value is run through
+      the string_printing() function so that such characters are converted to
+      printable escape sequences.
+
 
 A note about Exim versions 4.44 and 4.50
 ----------------------------------------