X-Git-Url: https://git.exim.org/users/heiko/exim.git/blobdiff_plain/ef546e788203ac3881abe2ddb17f3e24f6524d15..623f07cfdcaca96274ca765d0fcf0761bdf7151b:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 585deb042..015959cb6 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -3,6 +3,21 @@ affect Exim's operation, with an unchanged configuration file. For new options, and new features, see the NewStuff file next to this ChangeLog. +Since Exim version 4.94 +----------------------- + +JH/02 Bug 2587: Fix pam expansion condition. Tainted values are commonly used + as arguments, so an implementation trying to copy these into a local + buffer was taking a taint-enforcement trap. Fix by using dynamically + created buffers. + +JH/03 Bug 2586: Fix listcount expansion operator. Using tainted arguments is + reasonable, eg. to count headers. Fix by using dynamically created + buffers rather than a local. Do similar fixes for ACL actions "dcc", + "log_reject_target", "malware" and "spam"; the arguments are expanded + so could be handling tainted values. + + Exim version 4.94 -----------------