diff --git a/ChangeLog b/ChangeLog
index 84a05d003..9cb4430a0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,7 @@ Security
      detect it sometimes. Reported by Hugo Leisink. #810
    * Tighten parsing of RSA PKCS#1 v1.5 signatures, to avoid a
      potential Bleichenbacher/BERserk-style attack.
+   * Tighten should-be-constant-time memcmp against compiler optimizations.
 
 Bugfix
    * Remove size zero arrays from ECJPAKE test suite. Size zero arrays are not