From ce6a95d172dbefd0e310c46e0a0d9c56d19e34ca Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Thu, 13 Jun 2024 17:39:34 +0200
Subject: Prepare new release v0.8.3.

---
 Changelog | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'Changelog')

diff --git a/Changelog b/Changelog
index 2863d18..5c91365 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,17 @@
+lacme (0.8.3) upstream;
+
+  + Fix post-issuance validation logic.  We avoid pining the
+    intermediate certificates in the bundle and instead validate the
+    leaf certificate with intermediates supplied during issuance as
+    untrusted (used for chain building only).  Only the root
+    certificates are used as trust anchor.  Not pining intermediate
+    certificates is in line with Let's Encrypt's latest recommendations.
+  + Pass `-in /dev/stdin` option to openssl(1) to avoid warning with
+    OpenSSL 3.2 or later.
+  + Fix test suite.
+
+ -- Guilhem Moulin <guilhem@fripost.org>  Thu, 13 Jun 2024 17:39:34 +0200
+
 lacme (0.8.2) upstream;
 
   + client: Handle "ready" → "processing" → "valid" status change during
-- 
cgit v1.2.3