Turn TRUSTED_CONFIG_PREFIX_LIST into TRUSTED_CONFIG_LIST. No prefix or regexes

[users/jgh/exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 0063c6be00368a80fc6e5c62afa692452305df9c..07501bb6cf4a99078e60270abc1145e61abab168 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -83,6 +83,31 @@ DW/23 Bugzilla 1044: CVE-2010-4345 - part two: extend checks for writeability
       they are going to be used with root privileges, not just the default
       configuration file.
 
       they are going to be used with root privileges, not just the default
       configuration file.
 

+DW/24 Bugzilla 1044: CVE-2010-4345 - part three: remove ALT_CONFIG_ROOT_ONLY
+      option (effectively making it always true).
+
+DW/25 Add TRUSTED_CONFIG_PREFIX_FILE option to allow alternative configuration
+      files to be used while preserving root privileges.
+
+DW/26 Set FD_CLOEXEC on SMTP sockets after forking in the daemon, to ensure
+      that rogue child processes cannot use them.
+
+PP/27 Bugzilla 1047: change the default for system_filter_user to be the Exim
+      run-time user, instead of root.
+
+PP/28 Add WHITELIST_D_MACROS option to let some macros be overriden by the
+      Exim run-time user without dropping privileges.
+
+DW/29 Remove use of va_copy() which breaks pre-C99 systems. Duplicate the
+      result string, instead of calling string_vformat() twice with the same
+      arguments.
+
+DW/30 Allow TRUSTED_CONFIG_PREFIX_FILE only for Exim or CONFIGURE_OWNER, not
+      for other users. Others should always drop root privileges if they use
+      -C on the command line, even for a whitelisted configure file.
+
+DW/31 Turn TRUSTED_CONFIG_PREFIX_FILE into TRUSTED_CONFIG_FILE. No prefixes.
+

 
 Exim version 4.72
 -----------------
 
 Exim version 4.72
 -----------------