X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/982854f86c4acc7779b6b65094ba557a9fcd50d6..7b162fc84e202a16b89fa11224737ffbdd240bc8:/doc/doc-txt/ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 37cc3b77d..c5a47662b 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -80,6 +80,16 @@ JH/15 Disallow tainted metadata in lists.
       - Exclamation-marks ("!" signifying negation) are not checked for taint
       at this time.
 
+JH/16 Bug 3124: Fix theoretical crash in received connection, triggerable by a
+      crafted packet with massive count of IP options.  A buffer overflow was
+      detected, but a null-deref results.  In practice, IP packets with options
+      are rare (to non-existent).  Exim refuses connections having any, but this
+      issue was in the coding for logging preceding that refusal.  If coredumps
+      were enabled (not common), an attack could cause filesystem space usage.
+
+JH/17 Bug 3126: Fix build error in the ibase lookup.  Find & fix by
+      Andrew Aitchison.
+
 Exim version 4.98
 -----------------