Taint: fix multiple ACL actions to properly manage tainted argument data

[users/heiko/exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 2d7c5e014991ac5305e856c996bab4f3b592bdff..015959cb6ff93154ea58fc0db9977058df972425 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -3,6 +3,21 @@ affect Exim's operation, with an unchanged configuration file.  For new
 options, and new features, see the NewStuff file next to this ChangeLog.
 
 
 options, and new features, see the NewStuff file next to this ChangeLog.
 
 

+Since Exim version 4.94
+-----------------------
+
+JH/02 Bug 2587: Fix pam expansion condition.  Tainted values are commonly used
+      as arguments, so an implementation trying to copy these into a local
+      buffer was taking a taint-enforcement trap.  Fix by using dynamically
+      created buffers.
+
+JH/03 Bug 2586: Fix listcount expansion operator.  Using tainted arguments is
+      reasonable, eg. to count headers.  Fix by using dynamically created
+      buffers rather than a local.  Do similar fixes for ACL actions "dcc",
+      "log_reject_target", "malware" and "spam"; the arguments are expanded
+      so could be handling tainted values.
+
+

 Exim version 4.94
 -----------------
 
 Exim version 4.94
 -----------------
 


@@ -204,7 +219,8 @@ JH/43 Fix possible long line in DSN.  Previously when a very long SMTP error
       standards on line-length limits.  Truncate if needed.
 
 HS/01 Remove parameters of the link to www.open-spf.org. The linked form
       standards on line-length limits.  Truncate if needed.
 
 HS/01 Remove parameters of the link to www.open-spf.org. The linked form

-      doesn't work.
+      doesn't work. (Additionally add a new main config option to configure the
+      spf_smtp_comment)

 
 
 Exim version 4.93
 
 
 Exim version 4.93