From 4e7ee01264c430b044fd81cbc79a09ee0348d018 Mon Sep 17 00:00:00 2001
From: Phil Pennock <pdp@exim.org>
Date: Thu, 24 Mar 2011 04:40:33 -0400
Subject: Also memset(.., 0, ..) the pre-TLS input buffer.

---
 doc/doc-txt/ChangeLog | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'doc')

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 37c7f216f..ce78086a6 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -18,7 +18,8 @@ PP/04 New "dns_use_edns0" global option.
 PP/05 Don't segfault on misconfiguration of ref:name exim-user as uid.
       Bugzilla 1098.
 
-PP/06 Extra paranoia around STARTTLS-with-data-in-buffer.
+PP/06 Extra paranoia around buffer usage at the STARTTLS transition.
+      nb: Exim is not vulnerable to http://www.kb.cert.org/vuls/id/555316
 
 
 Exim version 4.75
-- 
cgit v1.2.3