]> git.netwichtig.de Git - user/henk/code/exim.git/blobdiff - doc/doc-txt/ChangeLog
projects / user / henk / code / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
DANE: do not check dns_again_means_nonexist for TLSA results of TRY_AGAIN
[user/henk/code/exim.git] / doc / doc-txt / ChangeLog
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index ee86f52d662e4ed49a040dae37992f6cd2733ba7..45834756b1a5b7be528452e4bc2d2f131aeaa30b 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -94,6 +94,14 @@ JH/19 Bug 2911: Fix a recursion in DNS lookups.  Previously, if the main option
       whine (as this is likely a configuration error), and returning
       DNS_NOMATCH.
 
+JH/20 Bug 2954: (OpenSSL) Fix setting of explicit EC curve/group.  Previously
+      this always failed, probably leading to the usual downgrade to in-clear
+      connections.
+
+JH/20 Fix TLSA lookups.  Previously dns_again_means_nonexist would affect
+      SERVFAIL results, which breaks the downgrade resistance of DANE.  Change
+      to not checking that list for these looks.
+
 
 Exim version 4.96
 -----------------