X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/19fdbfb4a2b6ca4a6a96ef52be848f0a23e2414f..6e48a63849cd3f1dfb3555fe57094954b3f7f092:/doc/doc-txt/NewStuff

diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 3555d8c12..730508adc 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -17,13 +17,11 @@ Version 4.96
 
  4. An event for failing TLS connects to the daemon.
 
- 5. Tainted data used for a query-style lookup should be quoted using the
-    expansion item for the lookup type.  If not, a warning will be written to
-    the main and panic logs.  A future release will enforce this by failing
-    the lookup.
-
- 6. The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
+ 5. The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
 
+ 6. Query-style lookups are now checked for quoting, if the query string is
+    built using untrusted data ("tainted").  For now lack of quoting is merely
+    logged; a future release will upgrade this to an error.
 
 Version 4.95
 ------------