changelog: update for 0.34.3 (#5926)

Finschia · Jan 19, 2021 · 6b2ab0f · 6b2ab0f
1 parent a2a6852
commit 6b2ab0f
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,23 @@
 # Changelog
 
+## v0.34.3 
+
+*January 19, 2021*
+
+This release includes a fix for a high-severity security vulnerability. 
+More information on this vulnerability will be released on January 26, 2021
+and this changelog will be updated. 
+
+It also updates GoGo Protobuf to 1.3.2 in order to pick up the fix for
+https://nvd.nist.gov/vuln/detail/CVE-2021-3121. 
+
+Friendly reminder: We have a [bug bounty program](https://hackerone.com/tendermint).
+
+### BUG FIXES
+
+- [evidence] [N/A] Use correct source of evidence time (@cmwaters)
+- [proto] [\#5886](https://github.com/tendermint/tendermint/pull/5889) Bump gogoproto to 1.3.2 (@marbar3778)
+
 ## v0.34.2
 
 *January 12, 2021*

diff --git a/CHANGELOG_PENDING.md b/CHANGELOG_PENDING.md
@@ -1,6 +1,6 @@
 # Unreleased Changes
 
-## v0.34.3
+## v0.34.4
 
 Special thanks to external contributors on this release: