[exim-cvs] Clarify CL: the CVE security fix already in 4.80.…

Inizio della pagina
Delete this message
Reply to this message
Autore: Exim Git Commits Mailing List
Data:  
To: exim-cvs
Oggetto: [exim-cvs] Clarify CL: the CVE security fix already in 4.80.1
Gitweb: http://git.exim.org/exim.git/commitdiff/e78e6ecfb365485f1a76529278af4e84483e6916
Commit:     e78e6ecfb365485f1a76529278af4e84483e6916
Parent:     b1f3784933eae4f773f542f4f31c0e8b52f2d993
Author:     Phil Pennock <pdp@???>
AuthorDate: Thu Sep 26 11:18:09 2013 -0700
Committer:  Phil Pennock <pdp@???>
CommitDate: Thu Sep 26 11:18:09 2013 -0700


    Clarify CL: the CVE security fix already in 4.80.1


    On re-reading the text for 4.82, it read as though there were a new
    security fix which might require an upgrade.  Clarified that this fix
    has already been released (in 4.80.1).
---
 doc/doc-txt/ChangeLog |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)


diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 61cd6f0..66b9e99 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -87,6 +87,7 @@ JH/10 Add 8bitmime log_selector, for 8bitmime status on the received line.

 PP/11 SECURITY: protect DKIM DNS decoding from remote exploit.
       CVE-2012-5671
+      (nb: this is the same fix as in Exim 4.80.1)


 JH/11 Add A= logging on delivery lines, and a client_set_id option on
       authenticators.
@@ -229,6 +230,7 @@ TL/11 Bugzilla 1382 - Option ldap_require_cert overrides start_tls
       using NULL (global ldap config) instead of ldap handle (per
       session). Bug diagnosis and testing by alxgomz.


+
Exim version 4.80.1
-------------------