2 files changed, 16 insertions, 1 deletions

diff --git a/ChangeLog b/ChangeLog
index 36ed3d0..3062fc4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,21 @@ history is also available from Git.
 
 LibreSSL Portable Release Notes:
 
+3.0.2 - Stable release
+
+        * Use a valid curve when constructing an EC_KEY that looks like X25519.
+          The recent EC group cofactor change results in stricter validation,
+          which causes the EC_GROUP_set_generator() call to fail.
+          Issue reported and fix tested by rsadowski@
+
+        * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
+          (Note that the CMS code is currently disabled)
+          Port of Edlinger's Fix for CVE-2019-1563 from OpenSSL 1.1.1 (old license) 
+
+        * Avoid a path traversal bug in s_server on Windows when run with the -WWW
+          or -HTTP options, due to incomplete path check logic.
+          Issue reported and fix tested by Jobert Abma
+
 3.0.1 - Development release
 
         * Ported Billy Brumley's fix for CVE-2019-1547 in OpenSSL 1.1.1. If a NULL
diff --git a/README.md b/README.md
index 2b45fc0..a4341b0 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 ![LibreSSL image](https://www.libressl.org/images/libressl.jpg)
 ## Official portable version of [LibreSSL](https://www.libressl.org) ##
 
-[![Build Status](https://travis-ci.org/libressl-portable/portable.svg?branch=master)](https://travis-ci.org/libressl-portable/portable)
+[![Build Status](https://travis-ci.org/libressl-portable/portable.svg?branch=master)](https://travis-ci.org/libressl-portable/portable) [![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/libressl.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:libressl)
 
 LibreSSL is a fork of [OpenSSL](https://www.openssl.org) 1.0.1g developed by the
 [OpenBSD](https://www.openbsd.org) project.  Our goal is to modernize the codebase,