git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
OpenSSL: when supported by the library version, disable renegotiation for pre-TLS1.3
[exim.git]
/
doc
/
doc-txt
/
ChangeLog
diff --git
a/doc/doc-txt/ChangeLog
b/doc/doc-txt/ChangeLog
index ac7f3357d9efc8383c54cbb77e6ffedccf4c0ca4..c5b2ca2d8b885546eb27c4f201ab648750fbe236 100644
(file)
--- a/
doc/doc-txt/ChangeLog
+++ b/
doc/doc-txt/ChangeLog
@@
-200,6
+200,10
@@
JH/43 Bug 2465: Fix taint-handling in dsearch lookup. Previously a nontainted
buffer was used for the filename, resulting in a trap when tainted
arguments (eg. $domain) were used.
buffer was used for the filename, resulting in a trap when tainted
arguments (eg. $domain) were used.
+JH/44 With OpenSSL 1.1.1 (onwards) disable renegotiation for TLS1.2 and below;
+ recommended to avoid a possible server-load attack. The feature can be
+ re-enabled via the openssl_options main cofiguration option.
+
Exim version 4.92
-----------------
Exim version 4.92
-----------------