From 7e69c3a6af5d7f407781a080fb526ed766394697 Mon Sep 17 00:00:00 2001
From: Theo Buehler <tb@openbsd.org>
Date: Sat, 27 May 2023 07:51:18 -0600
Subject: Update ChangeLog

---
 ChangeLog | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index fc453d0..f05fd3a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,11 +28,24 @@ history is also available from Git.
 
 LibreSSL Portable Release Notes:
 
+3.8.1 - In development
+
+	* Portable changes
+	* Internal improvements
+	  - Fixed alignment handling in SHA512.
+	  - Moved the verified_chain to the correct internal struct.
+	* New features
+	* Compatibility changes
+	* Bug fixes
+	* Documentation improvements
+	* Testing and Proactive Security
+
 3.8.0 - Development release
 
 	* Portable changes
 	  - Extended the endian.h compat header with hto* and *toh macros.
 	  - Adapted more tests to the portable framework.
+	  - Internal tools are now statically linked.
 	* Internal improvements
 	  - Improved sieve of Eratosthenes script used for generating a table
 	    of small primes.
@@ -95,6 +108,14 @@ LibreSSL Portable Release Notes:
 	  - As always, new test coverage is added as bugs are fixed and subsystems
 	    are cleaned up.
 
+3.7.3 - Bug and reliability fixes
+
+	* Bug fix
+	  - Hostflags in the verify parameters would not propagate from an
+	    SSL_CTX to newly created SSL.
+	* Reliability fix
+	  - A double free or use after free could occur after SSL_clear(3).
+
 3.7.2 - Stable release
 
 	* Portable changes
@@ -209,6 +230,20 @@ LibreSSL Portable Release Notes:
 	    support for EVP_PKEY_ED25519, EVP_PKEY_HMAC and EVP_PKEY_X25519.
 	    Poly1305 is not currently supported via this interface.
 
+3.6.3 - Bug and reliability fixes
+
+	* Bug fix
+	  - Hostflags in the verify parameters would not propagate from an
+	    SSL_CTX to newly created SSL.
+	* Reliability fix
+	  - A double free or use after free could occur after SSL_clear(3).
+
+3.6.2 - Security release
+
+	* Security fix
+	  - A malicious certificate revocation list or timestamp response token
+	    would allow an attacker to read arbitrary memory.
+
 3.6.1 - Stable release
 
 	* Bug fixes
-- 
cgit v1.2.3-55-g6feb