From ccb6c43bb856dab2b71b2fcaa4b55c22084b689e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez=20Crespo?= <jaime.perez@uninett.no>
Date: Tue, 19 Nov 2019 14:57:46 +0100
Subject: [PATCH] Update changelog

---
 docs/simplesamlphp-changelog.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/simplesamlphp-changelog.md b/docs/simplesamlphp-changelog.md
index e266007f1..a02955c01 100644
--- a/docs/simplesamlphp-changelog.md
+++ b/docs/simplesamlphp-changelog.md
@@ -14,6 +14,8 @@ Released 2019-11-19
   * Fixed an issue with web server aliases or rewritten URLs not working (#1023, #1093).
   * Fixed an issue that prevented errors to be logged if the log file was not writeable (#1194).
   * Fixed an issue with old-style NameIDPolicy configurations that disallowed creating new NameIDs (#1230).
+  * Resolved a security issue that exposed host information to unauthenticated users. See
+    [SSPSA 201911-02](https://simplesamlphp.org/security/201911-02).
   * Replaced custom Email class with the phpmailer library.
   * Allow logging to STDERR in the `logging.handler` option by setting it to `stderr`.
   * Allow use of stream wrappers (e.g. s3://) in paths.
-- 
GitLab