X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/129a5d133927ff8fa4b3f941f83c022d2daf18f3..57aa14b216432be381b6295c312065b2fd034f86:/doc/doc-txt/ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 9de2e1194..6109a14dd 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -164,6 +164,31 @@ JH/35 The dsearch lookup now requires that the directory is an absolute path.
       Previously this was not checked, and nonempty relative paths made an
       access under Exim's current working directory.
 
+JH/36 Bug 2554: Fix msg:defer event for the hosts_max_try_hardlimit case.
+      Previously no event was raised.
+
+JH/37 Bug 2552: Fix the check on spool space during reception to use the SIZE
+      parameter supplied by the sender MAIL FROM command.  Previously it was
+      ignored, and only the check_spool_space option value for the required
+      leeway checked.
+
+JH/38 Fix $dkim_key_length.  This should, after a DKIM verification, present
+      the size of the signing public-key.  Previously it was instead giving
+      the size of the signature hash.
+
+JH/39 DKIM verification: the RFC 8301 restriction on sizes of RSA keys is now
+      the default.  See the (new) dkim_verify_min_keysizes option.
+
+JH/40 Fix a memory-handling bug: when a connection carried multiple messages
+      and an ACL use a lookup for checking either the local_part or domain,
+      stale data could be accessed.  Ensure that variable references are
+      dropped between messages.
+
+JH/41 Bug 2571: Fix SPA authenticator.  Running as a server, an offset supplied
+      by the client was not checked as pointing within response data before
+      being used.  A malicious client could thus cause an out-of-bounds read and
+      possibly gain authentication.  Fix by adding the check.
+
 
 Exim version 4.93
 -----------------