X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/7a66b3afa11a70021297c176acf56831692be89a..c8b050fd148ef06666c1f6feaa492d122f65e23e:/doc/doc-txt/ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index a15e5b4a0..43b306d3b 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -100,6 +100,19 @@ JH/21 Bug 2501: Fix init call in the heimdal authenticator.  Previously it
       buffer was in use at the time.  Change to a compile-time increase in the
       buffer size, when this authenticator is compiled into exim.
 
+JH/22 Taint checking: move to a hybrid approach for checking.  Previously, one
+      of two ways was used, depending on a build-time flag.  The fast method
+      relied on assumptions about the OS and libc malloc, which were known to
+      not hold for the BSD-derived platforms, and discovered to not hold for
+      32-bit Linux either.  In fact the glibc documentation describes cases
+      where these assumptions do not hold.  The new implementation tests for
+      the situation arising and actively switches over from fast to safe mode.
+
+PP/01 Update the openssl_options possible values through OpenSSL 1.1.1c.
+      New values supported, if defined on system where compiled:
+      allow_no_dhe_kex, cryptopro_tlsext_bug, enable_middlebox_compat,
+      no_anti_replay, no_encrypt_then_mac, prioritize_chacha, tlsext_padding
+
 
 Exim version 4.93
 -----------------