From b36b87ceefd50fa691eb5b46865d0c28a8c511dd Mon Sep 17 00:00:00 2001
From: Jeff Forcier <jeff@bitprophet.org>
Date: Mon, 8 Sep 2014 10:48:33 -0700
Subject: Changelog re #298

---
 sites/www/changelog.rst | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'sites')

diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst
index 44bd61e9..2f23d0fc 100644
--- a/sites/www/changelog.rst
+++ b/sites/www/changelog.rst
@@ -2,6 +2,15 @@
 Changelog
 =========
 
+* :bug:`298 major` Don't perform point validation on ECDSA keys in
+  ``known_hosts`` files, since a) this can cause significant slowdown when such
+  keys exist, and b) ``known_hosts`` files are implicitly trustworthy. Thanks
+  to Kieran Spear for catch & patch.
+
+  .. note::
+    This change bumps up the version requirement for the ``ecdsa`` library to
+    ``0.11``.
+
 * :bug:`234 major` Lower logging levels for a few overly-noisy log messages
   about secure channels. Thanks to David Pursehouse for noticing & contributing
   the fix.
-- 
cgit v1.2.3