summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhil Pennock <pdp@exim.org>2011-05-08 23:00:17 -0400
committerPhil Pennock <pdp@exim.org>2011-05-08 23:00:17 -0400
commit6ea4a8515023997aeb674688d2247bbabfa58aa1 (patch)
tree00984c0d02fc872bf37572f1df555b9a536abb0e
parent053a9aa35c76fe12f456b508fc9d96aa9a78e6c5 (diff)
ChangeLog updates for the security issues.exim-4_76_RC2
-rw-r--r--doc/doc-txt/ChangeLog10
1 files changed, 9 insertions, 1 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index b30b6abda..59227705d 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -31,7 +31,15 @@ PP/08 Condition negation of bool{}/bool_lax{} did not negate. Fixed.
Bugzilla 1104.
TK/02 Bugzilla 1106: CVE-2011-1764 - DKIM log line was subject to a
- format-string attack.
+ format-string attack -- SECURITY: remote arbitrary code execution.
+
+TK/03 SECURITY - DKIM signature header parsing was double-expanded, second
+ time unintentionally subject to list matching rules, letting the header
+ cause arbitrary Exim lookups (of items which can occur in lists, *not*
+ arbitrary string expansion). This allowed for information disclosure.
+
+PP/09 Fix another SIGFPE (x86) in ${eval:...} expansion, this time related to
+ INT_MIN/-1 -- value coerced to INT_MAX.
Exim version 4.75