X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/031117fe6ed880a56acf10a2181b6b0ca882fb1d..99f40596ce0881af49cc8bf61e588cdb55a2af30:/doc/doc-txt/NewStuff

diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 394eb144d..11004e33a 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -19,6 +19,13 @@ Version 4.96
 
  5. The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
 
+ 6. Query-style lookups are now checked for quoting, if the query string is
+    built using untrusted data ("tainted").  For now lack of quoting is merely
+    logged; a future release will upgrade this to an error.
+
+ 7. The expansion conditions match_<list-type> and inlist now set $value for
+    the expansion of the "true" result of the ${if}.  With a static list, this
+    can be used for de-tainting.
 
 Version 4.95
 ------------