From 64b67b658a37dd780cc1b2fd0ef87febe461a0ba Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Mon, 23 Apr 2018 11:26:52 +0100
Subject: DKIM: enforce limit of 20 on received DKIM-Signature: headers.  Bug
 2269

---
 doc/doc-txt/ChangeLog | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'doc')

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index bceb22cc3..3e19066a9 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -12,7 +12,11 @@ JH/01 Remove code calling the customisable local_scan function, unless a new
       definition "HAVE_LOCAL_SCAN=yes" is present in the Local/Makefile.
 
 JH/02 Bug 1007: Avoid doing logging from signal-handlers, as that can result in
-      non-signal-safe funxtions being used.
+      non-signal-safe functions being used.
+
+JH/03 Bug 2269: When presented with a received message having a stupidly large
+      number of DKIM-Signature headers, disable DKIM verification to avoid
+      a resource-consumption attack.  The limit is set at twenty.
 
 
 Exim version 4.91
-- 
cgit v1.2.3