From c06643001ec16107b66ff72f134eefbc7feca9f0 Mon Sep 17 00:00:00 2001
From: AJ Jordan <alex@strugee.net>
Date: Tue, 19 Dec 2017 02:10:16 -0500
Subject: [PATCH] Note CVE-2017-5592 in the CHANGELOG

---
 CHANGELOG | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG b/CHANGELOG
index ba2199ba..cd1e8486 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -21,6 +21,7 @@
 - Allow plugins to complete file paths with prof.filepath_completer_add function
 - Add encryption settings functions to plugins api
 - Allow plugins to block message sending on pre message send hooks
+- Fix CVE-2017-5592 (incorrect implementation of Message Carbons allowing social engineering attacks)
 - Bug fixes: https://github.com/boothj5/profanity/milestone/15?closed=1
 
 0.5.0