# HG changeset patch # User markus schnalke # Date 1314461575 -7200 # Node ID 1210d3f1af2b6d5726b9552f1039951b472295dd # Parent b3835b6b834bf7a22909b4dbbc879d3ff4216d57 Updated ChangeLog and NEWS diff -r b3835b6b834b -r 1210d3f1af2b ChangeLog --- a/ChangeLog Sat Aug 27 18:00:40 2011 +0200 +++ b/ChangeLog Sat Aug 27 18:12:55 2011 +0200 @@ -7,9 +7,17 @@ technical speach and with focus on compatibility. +0.2.30 Sat, 27 Aug 2011 18:00:57 +0200 + * Fixed a possible security problem, reported by John Lightsey. See + Debian bug #638002. The return value of seteuid() calls was handled + wrong or not at all. Now, the (already available) set_euidgid() + function is used when possible. Additionally, removed the unnecessary + identity change when writing into an already open file descriptor. + 0.2.29 Fri, 03 Jun 2011 09:52:44 +0200 * Fixed a problem with folded headers. The folded lines of a long header would be ignored in unpredictable cases. + 0.2.28 Fri, 23 Jul 2010 09:58:56 +0200 * added STARTTLS support with external wrappers like openssl. Added a new route config option `instant_helo' therefore. diff -r b3835b6b834b -r 1210d3f1af2b NEWS --- a/NEWS Sat Aug 27 18:00:40 2011 +0200 +++ b/NEWS Sat Aug 27 18:12:55 2011 +0200 @@ -7,6 +7,12 @@ The manual pages describe newly added options. Take them for reference. +0.2.30 + +- Fixed a possible security problem, reported by John Lightsey. Unwanted +identity changes to the user root could have appeared. + + 0.2.29 - Fixed a problem with folded headers. In earlier versions mail to
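Review bot: in the ChangeLog hunk, the 0.2.30 entry says the return value of seteuid() "was handled wrong or not at all" but never states what happens now when the call fails, which is the part a packager or auditor needs. Suggest adding one clause on the new failure behaviour (for example whether the process aborts or refuses the operation). The wording "is used when possible" also leaves open which call sites still call seteuid() directly, so name them or say that none remain. The blank line added between the 0.2.29 and 0.2.28 entries is unrelated to the security fix and would be cleaner in a separate whitespace change.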
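Review bot: in the NEWS hunk, the 0.2.30 entry omits the reference the ChangeLog carries ("Debian bug #638002"), so a user reading only NEWS cannot look up the report. Suggest repeating the bug number here. "Unwanted identity changes to the user root could have appeared" is also vague for a user-facing note: say that the cause was unchecked seteuid() return values, as the ChangeLog does, and state which earlier releases the entry applies to so users can tell whether they need to upgrade.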