diff --git a/CHANGES.md b/CHANGES.md
index 78eb99e95762a..e71e8783e9fc3 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -68,6 +68,14 @@ OpenSSL 3.1
 
    *Tomáš Mráz*
 
+ * Improved EC/DSA nonce generation routines to avoid bias and timing
+   side channel leaks.
+
+   Thanks to Florian Sieck from Universität zu Lübeck and George Pantelakis
+   and Hubert Kario from Red Hat for reporting the issues.
+
+   *Tomáš Mráz and Paul Dale*
+
  * Fixed an issue where some non-default TLS server configurations can cause
    unbounded memory growth when processing TLSv1.3 sessions. An attacker may
    exploit certain server configurations to trigger unbounded memory growth that