DANE: handle servefail for TLSA during Rverify. Bug 3030

[exim.git] / doc / doc-txt / ChangeLog

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 4306cabc0c7693313451ba43bc062c0ae6599e88..2ea8caf23b95b232cfbfe540ea28b5fe9124452d 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -2,6 +2,25 @@ This document describes *changes* to previous versions, that might
 affect Exim's operation, with an unchanged configuration file.  For new
 options, and new features, see the NewStuff file next to this ChangeLog.
 
+Exim version 4.98
+-----------------
+
+JH/01 Support list of dkim results in the dkim_status ACL condition, making
+      it more usable in the data ACL.
+
+JH/02 Bug 3040: Handle error on close of the spool data file during reception. 
+      Previously This was only logged, on the assumption that errors would be
+      seen for a previous fflush().  However, a fuse filesystem has been
+      reported as showing this an error for the fclose().  The spool is now in
+      an uncertain state, and we have logged and responded acceptance.  Change
+      this to respond with a temp-reject, wipe spoolfiles, and log the error
+      detail.
+
+JH/03 Bug 3030: fix handling of DNS servfail respons for DANE TLSA.  When hit
+      during a recipient verify callout, a QUIT command was attempted on the
+      now-closed callout channel, causing a paniclog entry.
+
+
 Exim version 4.97
 -----------------
 
@@ -214,6 +233,7 @@ JH/44 Bug 3033: Harden dnsdb lookups against crafted DNS responses.
 
 HS/02 Fix string_is_ip_address() CVE-2023-42117 (Bug 3031)
 
+
 Exim version 4.96
 -----------------