From 8d69247061599b35b60308ca4b75ba529b8dcba2 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sun, 26 Oct 2014 21:06:46 +0000
Subject: Do not permit multi-component wildcards on certificate names
 (OpenSSL)

---
 doc/doc-txt/ChangeLog | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'doc/doc-txt/ChangeLog')

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index ed4574729..b389a7deb 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -59,6 +59,11 @@ JH/08 Rename the TPDA expermimental facility to Event Actions.  The #ifdef
       raised for inbound connections, if the main configuration event_action
       option is defined.
 
+JH/09 When compiled with OpenSSL and EXPERIMENTAL_CERTNAMES, the checks on
+      server certificate names available under the smtp transport option
+      "tls_verify_cert_hostname" now do not permit multi-component wildcard
+      matches.
+
 
 Exim version 4.84
 -----------------
-- 
cgit v1.2.3