From 3f10efac7a8f561da5ce5f503020b6ab1fa78d28 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Thu, 15 Dec 2022 18:06:50 +0100
Subject: [PATCH] Update changelog

---
 CHANGELOG.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ac12a0f1..bb449799 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,9 @@ SPDX-License-Identifier: CC0-1.0
 ## 1.4.0-rc3-SNAPSHOT
 - `sop generate-key`: Add support for keys without user-ids
 - `sop inline-sign --as=clearsigned`: Make signature in TEXT mode
+- Make countermeasures against KOpenPGP attacks configurable
+  - Countermeasures are now disabled by default since they are costly and have a specific threat model
+  - Can be enabled by calling `Policy.setEnableKeyParameterValidation(true)`
 
 ## 1.4.0-rc2
 - Bump `bcpg-jdk15to18` to `1.72.3`
@@ -50,6 +53,11 @@ SPDX-License-Identifier: CC0-1.0
 - Add `KeyRingUtils.publicKeys(PGPKeyRing keys)`
 - Remove `BCUtil` class
 
+## 1.3.15
+- Fix crash in `sop generate-key --with-key-password` when more than one user-id is given
+- `sop generate-key`: Allow key generation without user-ids
+- `sop inline-sign --as=clearsigned`: Make signatures of type 'text' instead of 'binary'
+
 ## 1.3.14
 - Bump `bcpg` to `1.72.3`
 - Fix DSA key parameter check