Taint: fix multiple ACL actions to properly manage tainted argument data

author: Jeremy Harris <jgh146exb@wizmail.org> 2020-06-03 11:40:17 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2020-06-03 11:40:17 +0100
commit: 12b7f811de4a540d0724585aecfa33b5881e2a30 (patch)
tree: bbf7125cc011ba386492bf09f4cbfdf1a1be337a /doc/doc-txt
parent: 1195f8f2a4329ae21a4ec5d3fa3666c6c4fa2d2f (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 19a1b1785..d9959d5ac 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -17,7 +17,9 @@ JH/02 Bug 2587: Fix pam expansion condition.  Tainted values are commonly used
 
 JH/03 Bug 2586: Fix listcount expansion operator.  Using tainted arguments is
       reasonable, eg. to count headers.  Fix by using dynamically created
-      buffers rather than a local,
+      buffers rather than a local.  Do similar fixes for ACL actions "dcc",
+      "log_reject_target", "malware" and "spam"; the arguments are expanded
+      so could be handling tainted values.
 
 
 Exim version 4.94
author	Jeremy Harris <jgh146exb@wizmail.org>	2020-06-03 11:40:17 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2020-06-03 11:40:17 +0100
commit	12b7f811de4a540d0724585aecfa33b5881e2a30 (patch)
tree	bbf7125cc011ba386492bf09f4cbfdf1a1be337a /doc/doc-txt
parent	1195f8f2a4329ae21a4ec5d3fa3666c6c4fa2d2f (diff)