summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorDavid Woodhouse <David.Woodhouse@intel.com>2010-12-11 14:09:17 +0000
committerDavid Woodhouse <David.Woodhouse@intel.com>2010-12-11 22:06:03 +0000
commite2f5dc151e2e79058e93924e6d35510557f0535d (patch)
tree8673a7a783bc8422a84503efb70dbb223f226793 /doc
parentc1d94452b1b7f3620ee3cc9aa197ad98821de79f (diff)
Check configure file permissions even for non-default files if still privileged
(Bug 1044, CVE-2010-4345)
Diffstat (limited to 'doc')
-rw-r--r--doc/doc-txt/ChangeLog5
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 99a6f176b..0063c6be0 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -78,6 +78,11 @@ DW/22 Bugzilla 1044: CVE-2010-4345 - partial fix: restrict default behaviour
of CONFIGURE_OWNER and CONFIGURE_GROUP options to no longer allow a
configuration file which is writeable by the Exim user or group.
+DW/23 Bugzilla 1044: CVE-2010-4345 - part two: extend checks for writeability
+ of configuration files to cover files specified with the -C option if
+ they are going to be used with root privileges, not just the default
+ configuration file.
+
Exim version 4.72
-----------------