Taint: fix multiple ACL actions to properly manage tainted argument data

[users/heiko/exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 1682a78b743f847b5184c648f48efa1db88d4aa4..015959cb6ff93154ea58fc0db9977058df972425 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -3,6 +3,21 @@ affect Exim's operation, with an unchanged configuration file.  For new
 options, and new features, see the NewStuff file next to this ChangeLog.
 
 
 options, and new features, see the NewStuff file next to this ChangeLog.
 
 

+Since Exim version 4.94
+-----------------------
+
+JH/02 Bug 2587: Fix pam expansion condition.  Tainted values are commonly used
+      as arguments, so an implementation trying to copy these into a local
+      buffer was taking a taint-enforcement trap.  Fix by using dynamically
+      created buffers.
+
+JH/03 Bug 2586: Fix listcount expansion operator.  Using tainted arguments is
+      reasonable, eg. to count headers.  Fix by using dynamically created
+      buffers rather than a local.  Do similar fixes for ACL actions "dcc",
+      "log_reject_target", "malware" and "spam"; the arguments are expanded
+      so could be handling tainted values.
+
+

 Exim version 4.94
 -----------------
 
 Exim version 4.94
 -----------------
 


@@ -203,6 +218,10 @@ JH/43 Fix possible long line in DSN.  Previously when a very long SMTP error
       response was received it would be used unchecked in a fail-DSN, violating
       standards on line-length limits.  Truncate if needed.
 
       response was received it would be used unchecked in a fail-DSN, violating
       standards on line-length limits.  Truncate if needed.
 

+HS/01 Remove parameters of the link to www.open-spf.org. The linked form
+      doesn't work. (Additionally add a new main config option to configure the
+      spf_smtp_comment)
+

 
 Exim version 4.93
 -----------------
 
 Exim version 4.93
 -----------------