git://git.exim.org / users / jgh / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Callouts: filter smtp response for bad chars before using in our smtp response. ...
[users/jgh/exim.git] / doc / doc-txt / ChangeLog
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 2e839039c6bb0c4729790f17b1beb677cf940f86..7fca99b620413ab5538c3a71e38dc10597e18c4b 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -149,6 +149,21 @@ JH/30 Bug 2411: Fix DSN generation when RFC 3461 failure notification is
 
 JH/31 Avoid re-expansion in ${sort } expansion. (CVE-2019-13917)
 
+JH/32 Introduce a general tainting mechanism for values read from the input
+      channel, and values derived from them.  Refuse to expand any tainted
+      values, to catch one form of exploit.
+
+JH/33 Bug 2413: Fix dkim_strict option.  Previously the expansion result
+      was unused and the unexpanded text used for the test.  Found and
+      fixed by Ruben Jenster.
+
+JH/34 Fix crash after TLS shutdown.  When the TCP/SMTP channel was left open,
+      an attempt to use a TLS library read routine dereffed a nul pointer,
+      causing a segfault.
+
+JH/35 Bug 2409: filter out-of-spec chars from callout response before using
+      them in our smtp response.
+
 
 Exim version 4.92
 -----------------
Jeremy Harris' staging directory