git://git.exim.org
/
users
/
heiko
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Taint: fix multiple ACL actions to properly manage tainted argument data
[users/heiko/exim.git]
/
doc
/
doc-txt
/
ChangeLog
diff --git
a/doc/doc-txt/ChangeLog
b/doc/doc-txt/ChangeLog
index 94bcea29bdff9713a81cba2bf4e8fa406c6fb4bb..015959cb6ff93154ea58fc0db9977058df972425 100644
(file)
--- a/
doc/doc-txt/ChangeLog
+++ b/
doc/doc-txt/ChangeLog
@@
-8,12
+8,14
@@
Since Exim version 4.94
JH/02 Bug 2587: Fix pam expansion condition. Tainted values are commonly used
as arguments, so an implementation trying to copy these into a local
JH/02 Bug 2587: Fix pam expansion condition. Tainted values are commonly used
as arguments, so an implementation trying to copy these into a local
- buffer was taking a taint-enfor
mance
trap. Fix by using dynamically
+ buffer was taking a taint-enfor
cement
trap. Fix by using dynamically
created buffers.
JH/03 Bug 2586: Fix listcount expansion operator. Using tainted arguments is
reasonable, eg. to count headers. Fix by using dynamically created
created buffers.
JH/03 Bug 2586: Fix listcount expansion operator. Using tainted arguments is
reasonable, eg. to count headers. Fix by using dynamically created
- buffers rather than a local,
+ buffers rather than a local. Do similar fixes for ACL actions "dcc",
+ "log_reject_target", "malware" and "spam"; the arguments are expanded
+ so could be handling tainted values.
Exim version 4.94
Exim version 4.94