AUTH: avoid logging creds on ACL denial

author: Jeremy Harris <jgh146exb@wizmail.org> 2021-01-25 14:55:06 +0000
committer: Jeremy Harris <jgh146exb@wizmail.org> 2021-01-25 14:55:06 +0000
commit: 37a81ae7317bb78b2ff152821930c2ff0873512b (patch)
tree: 6d9fc9a97b69f0c789569eb35888dbbcaaa16469 /doc
parent: 8d7e00e408df4d92c37caabbfd68cdc75ebd2dfb (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index e1381c156..b20991280 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -180,6 +180,10 @@ JH/36 Bug 2687: Fix interpretation of multiple ^ chars in a plaintext
 JH/37 Enforce the expected size, for fixed-size records read from hints-DB
       files.  For bad sizes read, delete the record and whine to paniclog.
 
+JH/38 When logging an AUTH failure, as server, do not include sensitive
+      information. Previously, the credentials would be included if given
+      as part of the AUTH command line and an ACL denied authentidcation.
+
 
 
 Exim version 4.94
author	Jeremy Harris <jgh146exb@wizmail.org>	2021-01-25 14:55:06 +0000
committer	Jeremy Harris <jgh146exb@wizmail.org>	2021-01-25 14:55:06 +0000
commit	37a81ae7317bb78b2ff152821930c2ff0873512b (patch)
tree	6d9fc9a97b69f0c789569eb35888dbbcaaa16469 /doc
parent	8d7e00e408df4d92c37caabbfd68cdc75ebd2dfb (diff)