From de14914a1ce1219c0a8aacd8e3eff91726237118 Mon Sep 17 00:00:00 2001 From: Douglas Stebila Date: Sun, 21 Jun 2020 16:53:26 -0400 Subject: [PATCH] Mention FrodoKEM timing leak in SECURITY.md --- SECURITY.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/SECURITY.md b/SECURITY.md index a07a5a88..9575607a 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -24,6 +24,9 @@ Use at your own risk. ### 2019-XX-XX --> +### 2020-06-19 +* A potential timing leak was present in the FrodoKEM decapsulation routine, as identified by [Guo, Johansson, and Nilsson](https://eprint.iacr.org/2020/743). This was fixed in [PR #303](https://github.com/PQClean/PQClean/pull/303). + ### 2019-09-24 * All Falcon implementations before [PR #235][PR 235] got merged were insecure. See [EPRINT report 2019/893][2019/893].
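Review bot: The new 2020-06-19 entry does not say which FrodoKEM implementations or parameter sets carried the timing leak, or which versions are safe, whereas the adjacent 2019-09-24 entry is explicit ("All Falcon implementations before [PR #235][PR 235] got merged were insecure"); consider stating the affected scope in the same way so a downstream consumer can tell whether their checkout is affected. The link style is also inconsistent with the surrounding entries: the neighbouring bullet uses reference-style links ([PR #235][PR 235], [EPRINT report 2019/893][2019/893]) while the added line uses inline links for both the ePrint report and PR #303; switching to reference-style links would match the rest of SECURITY.md.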