git://git.exim.org
/
users
/
heiko
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Documentation/Tests for CVE-2014-2972 fix
[users/heiko/exim.git]
/
doc
/
doc-txt
/
ChangeLog
diff --git
a/doc/doc-txt/ChangeLog
b/doc/doc-txt/ChangeLog
index 770b106a54edbafdc1fcd3a4bf42db2a2d1c7460..61086c7e254ae90872eb640b6b8e21c4938b0b3b 100644
(file)
--- a/
doc/doc-txt/ChangeLog
+++ b/
doc/doc-txt/ChangeLog
@@
-150,6
+150,10
@@
PP/02 Fix internal collision of T_APL on systems which support RFC3123
JH/28 Fix parsing of MIME headers for parameters with quoted semicolons.
JH/28 Fix parsing of MIME headers for parameters with quoted semicolons.
+TL/15 SECURITY: prevent double expansion in math comparison functions
+ (can expand unsanitized data). Not remotely exploitable.
+ CVE-2014-2972
+
Exim version 4.82
-----------------
Exim version 4.82
-----------------