git://git.exim.org
/
users
/
jgh
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Check configure file permissions even for non-default files if still privileged
[users/jgh/exim.git]
/
doc
/
doc-txt
/
ChangeLog
diff --git
a/doc/doc-txt/ChangeLog
b/doc/doc-txt/ChangeLog
index 99a6f176b3d05230aa4c07ee949e7e2db1997500..0063c6be00368a80fc6e5c62afa692452305df9c 100644
(file)
--- a/
doc/doc-txt/ChangeLog
+++ b/
doc/doc-txt/ChangeLog
@@
-78,6
+78,11
@@
DW/22 Bugzilla 1044: CVE-2010-4345 - partial fix: restrict default behaviour
of CONFIGURE_OWNER and CONFIGURE_GROUP options to no longer allow a
configuration file which is writeable by the Exim user or group.
of CONFIGURE_OWNER and CONFIGURE_GROUP options to no longer allow a
configuration file which is writeable by the Exim user or group.
+DW/23 Bugzilla 1044: CVE-2010-4345 - part two: extend checks for writeability
+ of configuration files to cover files specified with the -C option if
+ they are going to be used with root privileges, not just the default
+ configuration file.
+
Exim version 4.72
-----------------
Exim version 4.72
-----------------