git://git.exim.org / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix taint issue with retry records. Bug 2492
[exim.git] / doc / doc-txt / ChangeLog
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 6a06e440f11940f89569cd68316c4881f959ba8a..f9a939d723cb2d56759149a37308a32356a682b3 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -28,6 +28,17 @@ JH/07 Bug 2489: Fix crash in the "pam" expansion condition.  It seems that the
       PAM library frees one of the arguments given to it, despite the
       documentation.  Therefore a plain malloc must be used.
 
+JH/08 Bug 2491: Use tainted buffers for the transport smtp context.  Previously
+      on-stack buffers were used, resulting in a taint trap when DSN information
+      copied from a received message was written into the buffer.
+
+JH/09 Bug 2493: Harden ARC verify against Outlook, whick has been seen to mix
+      the ordering of its ARC headers.  This caused a crash.
+
+JH/10 Bug 2492: Use tainted memory for retry record when needed.  Previously when
+      a new record was being constructed with information from the peer, a trap
+      was taken.
+
 
 Exim version 4.93
 -----------------
Master Exim source repository