]> git.netwichtig.de Git - user/henk/code/exim.git/blobdiff - doc/doc-txt/ChangeLog
projects / user / henk / code / exim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Check return values of setgid/setuid.
[user/henk/code/exim.git] / doc / doc-txt / ChangeLog
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 0780fc7da718589a148286420b9a6279a76dd72f..a1bd4e7fca8f6057257240b217eb7a15f8051de9 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -27,6 +27,16 @@ PP/02 Let /dev/null have normal permissions.
       permissions on /dev/null.  Exempt it from some checks.
       Reported by Andreas M. Kirchwitz.
 
+PP/03 Report version information for many libraries, including
+      Exim version information for dynamically loaded libraries.  Created
+      version.h, now support a version extension string for distributors
+      who patch heavily. Dynamic module ABI change.
+
+PP/04 CVE-2011-0017 - check return value of setuid/setgid. This is a
+      privilege escalation vulnerability whereby the Exim run-time user
+      can cause root to append content of the attacker's choosing to
+      arbitrary files.
+
 
 Exim version 4.73
 -----------------