Don't open spool data-files which are symlinks

author: Phil Pennock <pdp@exim.org> 2018-05-15 19:04:34 -0400
committer: Phil Pennock <pdp@exim.org> 2018-05-15 19:04:34 -0400
commit: 85defcf0e9e4187107b8a1a5138ef9590ac3892c (patch)
tree: 662e6ddbf5df16c42bf423c270aabb9cfb1ea156 /doc/doc-txt/ChangeLog
parent: 97e939dfe2ea44a6e243ff6f489790ccd94f39ee (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index d9b77804b..d99b2684a 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -29,6 +29,9 @@ JH/05 Bug 2273: Cutthrough delivery left a window where the received messsage
       add more error-checking on spoolfile handling while that code is being
       messed with.
 
+PP/01 Refuse to open a spool data file (*-D) if it's a symlink.
+      No known attacks, no CVE, this is defensive hardening.
+
 
 Exim version 4.91
 -----------------
author	Phil Pennock <pdp@exim.org>	2018-05-15 19:04:34 -0400
committer	Phil Pennock <pdp@exim.org>	2018-05-15 19:04:34 -0400
commit	85defcf0e9e4187107b8a1a5138ef9590ac3892c (patch)
tree	662e6ddbf5df16c42bf423c270aabb9cfb1ea156 /doc/doc-txt/ChangeLog
parent	97e939dfe2ea44a6e243ff6f489790ccd94f39ee (diff)