+HS/04 Fix handling of very log lines in -H files. If a -<key> <value> line
+ caused the extension of big_buffer, the following lines were ignored.
+
+JH/38 Bug 1395: Teach the DNS negative-cache about TTL value from the SOA in
+ accordance with RFC 2308. Previously there was no expiry, so a longlived
+ receive process (eg. due to ACL delays) versus a short SOA value could
+ surprise.
+
+HS/05 Handle trailing backslash gracefully. (CVE-2019-15846)
+
+JH/39 Promote DMARC support to mainline.
+
+JH/40 Bug 2452: Add a References: header to DSNs.
+
+JH/41 With GnuTLS 3.6.0 (and later) do not attempt to manage Diffie-Hellman
+ parameters. The relevant library call is documented as "Deprecated: This
+ function is unnecessary and discouraged on GnuTLS 3.6.0 or later. Since
+ 3.6.0, DH parameters are negotiated following RFC7919."
+
+HS/06 Change the default of dnssec_request_domains to "*"
+
+JH/42 Bug 2545: Fix CHUNKING for all RCPT commands rejected. Previously we
+ carried on and emitted a BDAT command, even when PIPELINING was not
+ active.
+
+JH/43 Bug 2465: Fix taint-handling in dsearch lookup. Previously a nontainted
+ buffer was used for the filename, resulting in a trap when tainted
+ arguments (eg. $domain) were used.
+