diff options
author | Jeremy Harris <jgh@wizmail.org> | 2016-12-16 20:45:44 +0000 |
---|---|---|
committer | Jeremy Harris <jgh@wizmail.org> | 2016-12-18 14:02:28 +0000 |
commit | 87cb4a166c47b57df48c2918e47801d77639fbb0 (patch) | |
tree | 315721ad1ecede575e36521fd19a0f64b2ae4a2b /doc | |
parent | 142622b3f385bfcc36eae176763a7225c2e49b3c (diff) |
Fix DKIM information leakage
Diffstat (limited to 'doc')
-rw-r--r-- | doc/doc-docbook/spec.xfpt | 1 | ||||
-rw-r--r-- | doc/doc-txt/ChangeLog | 4 |
2 files changed, 5 insertions, 0 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 0598eccc8..5324be398 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -38273,6 +38273,7 @@ These options take (expandable) strings as arguments. MANDATORY: The domain you want to sign with. The result of this expanded option is put into the &%$dkim_domain%& expansion variable. +If it is empty after expansion, DKIM signing is not done. .option dkim_selector smtp string&!! unset MANDATORY: diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 156413fcd..926a36dc1 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -143,6 +143,10 @@ HS/02 Bug 1802: Do not half-close the connection after sending a request HS/03 Use "auto" as the default EC curve parameter. For OpenSSL < 1.0.2 fallback to "prime256v1". +JH/34 SECURITY: Use proper copy of DATA command in error message. + Could leak key material. Remotely explaoitable. CVE-2016-9963. + + Exim version 4.87 ----------------- JH/01 Bug 1664: Disable OCSP for GnuTLS library versions at/before 3.3.16 |