From e970fbf951f50fe164b51525e5eede32d2c82348 Mon Sep 17 00:00:00 2001 From: Brent Cook Date: Wed, 13 Jun 2018 11:39:22 -0500 Subject: update release notes --- ChangeLog | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/ChangeLog b/ChangeLog index 893ea06..af40a78 100644 --- a/ChangeLog +++ b/ChangeLog @@ -28,6 +28,19 @@ history is also available from Git. LibreSSL Portable Release Notes: +2.6.5 - Security fixes + + * Avoid a timing side-channel leak when generating DSA and ECDSA + signatures. This is caused by an attempt to do fast modular + arithmetic, which introduces branches that leak information + regarding secret values. Issue identified and reported by Keegan + Ryan of NCC Group. + + * Reject excessively large primes in DH key generation. Problem + reported by Guido Vranken to OpenSSL + (https://github.com/openssl/openssl/pull/6457) and based on his + diff. + 2.6.4 - Bug fixes * Make tls_config_parse_protocols() work correctly when passed a NULL -- cgit v1.2.3-55-g6feb
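Review bot: The first 2.6.5 entry (timing side-channel leak when generating DSA and ECDSA signatures) credits Keegan Ryan of NCC Group but gives no reference a reader could follow, whereas the second entry links the OpenSSL pull request. Adding an advisory or commit reference there would let downstream packagers match the fix to their own tracking. The second entry says excessively large primes are now rejected in DH key generation without stating the size bound or what happened before the change, so one more clause naming both would make the note actionable. The subject line "update release notes" could also name the 2.6.5 release, since the hunk adds a "Security fixes" section.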