From 12b7f811de4a540d0724585aecfa33b5881e2a30 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Wed, 3 Jun 2020 11:40:17 +0100
Subject: Taint: fix multiple ACL actions to properly manage tainted argument
 data

---
 doc/doc-txt/ChangeLog | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'doc/doc-txt')

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 19a1b1785..d9959d5ac 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -17,7 +17,9 @@ JH/02 Bug 2587: Fix pam expansion condition.  Tainted values are commonly used
 
 JH/03 Bug 2586: Fix listcount expansion operator.  Using tainted arguments is
       reasonable, eg. to count headers.  Fix by using dynamically created
-      buffers rather than a local,
+      buffers rather than a local.  Do similar fixes for ACL actions "dcc",
+      "log_reject_target", "malware" and "spam"; the arguments are expanded
+      so could be handling tainted values.
 
 
 Exim version 4.94
-- 
cgit v1.2.3