X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/4e7ee01264c430b044fd81cbc79a09ee0348d018..0ca0cf52fa9c635984937a3cc813d38fcdacd7ab:/doc/doc-txt/ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index ce78086a6..8ca5d85af 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -3,6 +3,21 @@ $Cambridge: exim/doc/doc-txt/ChangeLog,v 1.632 2010/06/12 15:21:25 jetmore Exp $
 Change log file for Exim from version 4.21
 -------------------------------------------
 
+Exim version 4.77
+-----------------
+
+PP/01 Solaris build fix for Oracle's LDAP libraries.
+      Bugzilla 1109, patch from Stephen Usher.
+
+TF/01 HP/UX build fix: avoid arithmetic on a void pointer.
+
+TK/01 DKIM Verification: Fix relaxed canon for empty headers w/o
+      whitespace trailer
+
+TF/02 Fix a couple more cases where we did not log the error message
+      when unlink() failed. See also change 4.74-TF/03.
+
+
 Exim version 4.76
 -----------------
 
@@ -21,6 +36,26 @@ PP/05 Don't segfault on misconfiguration of ref:name exim-user as uid.
 PP/06 Extra paranoia around buffer usage at the STARTTLS transition.
       nb: Exim is not vulnerable to http://www.kb.cert.org/vuls/id/555316
 
+TK/01 Updated PolarSSL code to 0.14.2.
+      Bugzilla 1097. Patch from Andreas Metzler.
+
+PP/07 Catch divide-by-zero in ${eval:...}.
+      Fixes bugzilla 1102.
+
+PP/08 Condition negation of bool{}/bool_lax{} did not negate.  Fixed.
+      Bugzilla 1104.
+
+TK/02 Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a
+      format-string attack -- SECURITY: remote arbitrary code execution.
+
+TK/03 SECURITY - DKIM signature header parsing was double-expanded, second
+      time unintentionally subject to list matching rules, letting the header
+      cause arbitrary Exim lookups (of items which can occur in lists, *not*
+      arbitrary string expansion). This allowed for information disclosure.
+
+PP/09 Fix another SIGFPE (x86) in ${eval:...} expansion, this time related to
+      INT_MIN/-1 -- value coerced to INT_MAX.
+
 
 Exim version 4.75
 -----------------
@@ -242,7 +277,7 @@ DW/26 Set FD_CLOEXEC on SMTP sockets after forking in the daemon, to ensure
 PP/27 Bugzilla 1047: change the default for system_filter_user to be the Exim
       run-time user, instead of root.
 
-PP/28 Add WHITELIST_D_MACROS option to let some macros be overriden by the
+PP/28 Add WHITELIST_D_MACROS option to let some macros be overridden by the
       Exim run-time user without dropping privileges.
 
 DW/29 Remove use of va_copy() which breaks pre-C99 systems. Duplicate the