X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/6545de78cb822ab5db97a2f16fe7a42cc9488bd8..33191679e1a86ba6d9c38a74d07:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index ff375d398..a1bd4e7fc 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -32,6 +32,11 @@ PP/03 Report version information for many libraries, including version.h, now support a version extension string for distributors who patch heavily. Dynamic module ABI change. +PP/04 CVE-2011-0017 - check return value of setuid/setgid. This is a + privilege escalation vulnerability whereby the Exim run-time user + can cause root to append content of the attacker's choosing to + arbitrary files. + Exim version 4.73 -----------------