From 863ec0962210fcb946e68caa7431f69583814c73 Mon Sep 17 00:00:00 2001
From: Richard van der Hoff <richard@matrix.org>
Date: Fri, 3 May 2019 16:03:24 +0100
Subject: 0.99.3.1

---
 CHANGES.md | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'CHANGES.md')

diff --git a/CHANGES.md b/CHANGES.md
index 490c2021e0..d8eba2ec60 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,3 +1,12 @@
+Synapse 0.99.3.1 (2019-05-03)
+=============================
+
+Bugfixes
+--------
+
+- Switch to using a cryptographically-secure random number generator for token strings, ensuring they cannot be predicted by an attacker. Thanks to @opnsec for identifying and responsibly disclosing this issue! ([\#5133](https://github.com/matrix-org/synapse/issues/5133))
+- Blacklist 0.0.0.0 and :: by default for URL previews. Thanks to @opnsec for identifying and responsibly disclosing this issue too! ([\#5134](https://github.com/matrix-org/synapse/issues/5134))
+
 Synapse 0.99.3 (2019-04-01)
 ===========================
 
-- 
cgit 1.4.1