Defend against symlink attack by another process running as exim

Reported-by: http://www.halfdog.net/Security/2016/DebianEximSpoolLocalRoot/
author: Jeremy Harris <jgh146exb@wizmail.org> 2016-09-22 22:55:49 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2016-09-22 22:55:49 +0100
commit: 92b0827a90559a266bd00662d842b643ac8bdc81 (patch)
tree: d74deb3c96ddd432246be5bbf902440bf8e422da /doc
parent: d1f9fb42472323edb17c3ee3cbbfce3557083ceb (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index b920d92cc..28007d01f 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -99,6 +99,11 @@ JH/26 Fix problem with one_time used on a redirect router which returned the
       delivered, so not attempt the (identical) child.  As a result mail would
       be lost.
 
+JH/27 Fix a possible security hole, wherein a process operating with the Exim
+      UID can gain a root shell.  Credit to http://www.halfdog.net/ for
+      discovery and writeup.  Ubuntu bug 1580454; no bug raised against Exim
+      itself :(
+
 
 Exim version 4.87
 -----------------
author	Jeremy Harris <jgh146exb@wizmail.org>	2016-09-22 22:55:49 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2016-09-22 22:55:49 +0100
commit	92b0827a90559a266bd00662d842b643ac8bdc81 (patch)
tree	d74deb3c96ddd432246be5bbf902440bf8e422da /doc
parent	d1f9fb42472323edb17c3ee3cbbfce3557083ceb (diff)