diff options
| author | Qualys Security Advisory <qsa@qualys.com> | 2021-02-21 21:53:55 -0800 |
|---|---|---|
| committer | Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de> | 2021-05-27 21:30:54 +0200 |
| commit | e4e3d18dad8b9b8560889f552e1060d0f83c7159 (patch) | |
| tree | fff179fc5cd867aa9c7e799a413bece66e42928f /doc | |
| parent | cf8734c3fd0823053ae3605beb8681d0957cf4a6 (diff) | |
CVE-2020-28012: Missing close-on-exec flag for privileged pipe
(cherry picked from commit 72dad1e64bb3d1ff387938f59678098cab1f60a3)
(cherry picked from commit 645a31d16195bb6b73f0a0d0c04b2251e5b28421)
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/doc-txt/ChangeLog | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index adf43bc4b..bcace272d 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -302,6 +302,9 @@ QS/01 Creation of (database) files in $spool_dir: only uid=0 or the uid of QS/02 PID file creation/deletion: only possible if uid=0 or uid is the Exim runtime user. +QS/03 When reading the output from interpreted forward files we do not + pass the pipe between the parent and the interpreting process to + executed child processes (if any). Exim version 4.94 ----------------- |