X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/130212d30d47e588c2bc03edcfce11bf3857da03..0b4dfe7aa1f12214abdfa1037497d6c49a471612:/doc/doc-txt/ChangeLog?ds=sidebyside

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 4875289b3..9de2e1194 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -93,6 +93,7 @@ JH/20 Taint checking: disallow use of tainted data for
       - the autoreply transport file, log and once options
       - file names used by the redirect router (including filter files)
       - named-queue names
+      - paths used by single-key lookups
       Previously this was permitted.
 
 JH/21 Bug 2501: Fix init call in the heimdal authenticator.  Previously it
@@ -149,6 +150,20 @@ JH/30 When an pipelined-connect fails at the first response, assume incorrect
 
 JH/31 Fix spurious detection of timeout while writing to transport filter.
 
+JH/32 Bug 2541: Fix segfault on bad cmdline -f (sender) argument.  Previously
+      an attempt to copy the string was made before checking it.
+
+JH/33 Fix the dsearch lookup to return an untainted result.  Previously the
+      taint of the lookup key was maintained; we now regard the presence in the
+      filesystem as sufficient validation.
+
+JH/34 Fix the readsocket expansion to not segfault when an empty "options"
+      argument is supplied.
+
+JH/35 The dsearch lookup now requires that the directory is an absolute path.
+      Previously this was not checked, and nonempty relative paths made an
+      access under Exim's current working directory.
+
 
 Exim version 4.93
 -----------------