From 518f0a0dd6df6f0d0ea51bfa126982d134e7a7ff Mon Sep 17 00:00:00 2001
From: Phil Pennock <phil+git@pennock-tech.com>
Date: Thu, 29 Oct 2020 22:40:59 -0400
Subject: SECURITY: fix SMTP verb option parsing

A boundary case in looking for an opening quote before the closing quote could
walk off the front of the buffer.

(cherry picked from commit 515d8d43a18481d23d7cf410b8dc71b4e254ebb8)
(cherry picked from commit 467948de0c407bd2bbc2e84abbbf09f35b035538)
---
 doc/doc-txt/ChangeLog | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'doc')

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 3d0e638d2..9837d6c0f 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -285,6 +285,9 @@ PP/09 Fix security issue with too many recipients on a message (to remove a
       or if local additions add to the recipient list).
       Fixes CVE-2020-RCPTL reported by Qualys.
 
+PP/10 Fix security issue in SMTP verb option parsing
+      Fixes CVE-2020-EXOPT reported by Qualys.
+
 
 Exim version 4.94
 -----------------
-- 
cgit v1.2.3