From c2f191be6bd6ba6a62cd899a7cce409da9651a85 Mon Sep 17 00:00:00 2001
From: Marcus Bointon <marcus@synchromedia.co.uk>
Date: Tue, 15 Jun 2021 19:53:27 +0200
Subject: [PATCH] Changelog

---
 changelog.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/changelog.md b/changelog.md
index 01954d19..5643540d 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,7 @@
 # PHPMailer Change Log
 
+* **SECURITY** Fixes CVE-2021-3603 that may permit untrusted code to be run from an address validator, see SECURITY.md for details
+
 ## Version 6.4.1 (April 29th, 2021)
 * **SECURITY** Fixes CVE-2020-36326, a regression of CVE-2018-19296 object injection introduced in 6.1.8, see SECURITY.md for details
 * Reject more file paths that look like URLs, matching RFC3986 spec, blocking URLS using schemes such as `ssh2`