From 351b51613bd7cbb3ad246df3980961cd0e2f5d19 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Thu, 11 Jun 2015 09:02:54 -0500 Subject: add security update notes --- ChangeLog | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 2893d20..eb50497 100644 --- a/ChangeLog +++ b/ChangeLog @@ -31,7 +31,7 @@ LibreSSL Portable Release Notes: This release primarily addresses a number of security issues in coordination with the OpenSSL project. -2.2.0 - Build cleanups and OS support +2.2.0 - Build cleanups and new OS support, Security Updates * AIX Support - thanks to Michael Felt @@ -51,6 +51,20 @@ with the OpenSSL project. * Various bug fixes and simplifications to libssl and libcrypto + * Fixes for the following issues are integrated into LibreSSL 2.2.0: + - CVE-2015-1788 - Malformed ECParameters causes infinite loop + - CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time + - CVE-2015-1792 - CMS verify infinite loop with unknown hash function + + * The following CVEs did not apply to LibreSSL or were fixed in + earlier releases: + - CVE-2015-4000 - DHE man-in-the-middle protection (Logjam) + - CVE-2015-1790 - PKCS7 crash with missing EnvelopedContent + - CVE-2014-8176 - Invalid free in DTLS + + * Fixes for the following CVEs are still in review for LibreSSL + - CVE-2015-1791 - Race condition handling NewSessionTicket + 2.1.6 - Security update * Fixes for the following issues are integrated into LibreSSL 2.1.6: -- cgit v1.2.3-55-g6feb
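Review bot: In the first hunk, the new heading "2.2.0 - Build cleanups and new OS support, Security Updates" capitalizes "Security Updates", while the existing heading visible at the end of the patch reads "2.1.6 - Security update". Suggest matching the existing casing, for example "2.2.0 - Build cleanups, new OS support and security updates", so the release headings stay consistent and a case-sensitive search for "Security update" finds both releases.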
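Review bot: In the second hunk, the entry "The following CVEs did not apply to LibreSSL or were fixed in earlier releases:" merges two different states, so a reader cannot tell whether CVE-2015-4000, CVE-2015-1790 or CVE-2014-8176 was never applicable or was fixed, and if fixed, in which release. Suggest splitting it into two lists, or annotating each CVE with "not affected" or the release that carried the fix. The last entry, "Fixes for the following CVEs are still in review for LibreSSL", lacks the trailing colon the other two list headers have, and it should state explicitly whether 2.2.0 ships without a fix for CVE-2015-1791, since that is what someone deciding on an upgrade needs to know.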