From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sun, 13 Aug 2017 10:07:33 +0000 (+0100)
Subject: Document CVE assignment for Berkeley DB issue
X-Git-Tag: exim-4_90_RC1~92
X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=commitdiff_plain;h=02745400f9f4d92e87d0544da5204f1f60976de4

Document CVE assignment for Berkeley DB issue
---

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 8829de38b..a8a93d5ed 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -126,7 +126,7 @@ JH/18 Prebuild the data-structure for "builtin" macros, for faster startup.
 JH/19 Bug 2141: Use the full-complex API for Berkeley DB rather than the legacy-
       compatible one, to avoid the (poorly documented) possibility of a config
       file in the working directory redirecting the DB files, possibly correpting
-      some existing file.
+      some existing file.  CVE-2017-10140 assigned for BDB.
 
 JH/20 Bug 2147: Do not defer for a verify-with-callout-and-random which is not
       cache-hot.  Previously, although the result was properly cached, the