X-Git-Url: https://git.exim.org/users/jgh/exim.git/blobdiff_plain/72934ba73e5ac5fbd64b56dc684e3371a9651909..3709254fd0fd46f0efa74fe85c80260958b9c51e:/doc/doc-txt/ChangeLog?ds=inline

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 00377b9ff..cf104e7f1 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -193,6 +193,14 @@ JH/33 Downgrade an unfound-list name (usually a typo in the config file) from
       something like "domains check lookup or other defer".  The SMTP 451
       message is still "Temporary local problem".
 
+JH/34 Bug 2199: Fix a use-after-free while reading smtp input for header lines.
+      A crafted sequence of BDAT commands could result in in-use memory beeing
+      freed.  CVE-2017-16943.
+
+HS/03 Bug 2201: Fix checking for leading-dot on a line during headers reading
+      from SMTP input.  Previously it was always done; now only done for DATA
+      and not BDAT commands.  CVE-2017-16944.
+
 
 Exim version 4.89
 -----------------