From 6ac82546b1e99b38279a865a874a998e25f34173 Mon Sep 17 00:00:00 2001
From: Wei Fu <fuweid89@gmail.com>
Date: Mon, 24 Feb 2025 13:20:01 -0500
Subject: [PATCH 1/2] CHANGELOG: update 3.6 changelog with DowngradeInfo

Signed-off-by: Wei Fu <fuweid89@gmail.com>
---
 CHANGELOG/CHANGELOG-3.6.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/CHANGELOG/CHANGELOG-3.6.md b/CHANGELOG/CHANGELOG-3.6.md
index 2192e3076f7..59275365e11 100644
--- a/CHANGELOG/CHANGELOG-3.6.md
+++ b/CHANGELOG/CHANGELOG-3.6.md
@@ -8,6 +8,16 @@ Previous change logs can be found at [CHANGELOG-3.5](https://github.com/etcd-io/
 
 <hr>
 
+## v3.6.0-rc.1 (TBD)
+
+### etcdctl v3
+
+- Add [`DowngradeInfo` in result of endpoint status](https://github.com/etcd-io/etcd/pull/19471)
+
+### etcd server
+
+- Add [`DowngradeInfo` to endpoint status response](https://github.com/etcd-io/etcd/pull/19471)
+
 ## v3.6.0-rc.0 (2025-02-13)
 
 See [code changes](https://github.com/etcd-io/etcd/compare/v3.5.0...v3.6.0).

From 23a560f0004310cb34a84265ec1137e5abc9c135 Mon Sep 17 00:00:00 2001
From: Ivan Valdes <ivan@vald.es>
Date: Mon, 24 Feb 2025 16:57:42 -0800
Subject: [PATCH 2/2] changelog: add note from CVE-2025-22869

Signed-off-by: Ivan Valdes <ivan@vald.es>
---
 CHANGELOG/CHANGELOG-3.4.md | 3 ++-
 CHANGELOG/CHANGELOG-3.5.md | 1 +
 CHANGELOG/CHANGELOG-3.6.md | 4 ++++
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG/CHANGELOG-3.4.md b/CHANGELOG/CHANGELOG-3.4.md
index dbf3adbc253..027fc15c0bb 100644
--- a/CHANGELOG/CHANGELOG-3.4.md
+++ b/CHANGELOG/CHANGELOG-3.4.md
@@ -15,7 +15,8 @@ Previous change logs can be found at [CHANGELOG-3.3](https://github.com/etcd-io/
 
 ### Dependencies
 - Compile binaries using [go 1.23.6](https://github.com/etcd-io/etcd/pull/19429)
-- Bump [golang.org/x/crypto to 0.32.0 to address CVE-2024-45337 and golang.org/x/net to 0.34.0 to address CVE-2024-45338](https://github.com/etcd-io/etcd/pull/19197).
+- Bump golang.org/x/crypto to v0.35.0 to address [CVE-2024-45337](https://github.com/etcd-io/etcd/pull/19197) and [CVE-2025-22869](https://github.com/etcd-io/etcd/pull/19477).
+- Bump golang.org/x/net to v0.34.0 to address [CVE-2024-45338](https://github.com/etcd-io/etcd/pull/19197).
 
 <hr>
 
diff --git a/CHANGELOG/CHANGELOG-3.5.md b/CHANGELOG/CHANGELOG-3.5.md
index 44041890fb7..deb6e5b222d 100644
--- a/CHANGELOG/CHANGELOG-3.5.md
+++ b/CHANGELOG/CHANGELOG-3.5.md
@@ -14,6 +14,7 @@ Previous change logs can be found at [CHANGELOG-3.4](https://github.com/etcd-io/
 
 ### Dependencies
 - Compile binaries using [go 1.23.6](https://github.com/etcd-io/etcd/pull/19430).
+- Bump [golang.org/x/crypto to v0.35.0 to address CVE-2025-22869](https://github.com/etcd-io/etcd/pull/19478).
 
 <hr>
 
diff --git a/CHANGELOG/CHANGELOG-3.6.md b/CHANGELOG/CHANGELOG-3.6.md
index 59275365e11..fa6d17bfb58 100644
--- a/CHANGELOG/CHANGELOG-3.6.md
+++ b/CHANGELOG/CHANGELOG-3.6.md
@@ -18,6 +18,10 @@ Previous change logs can be found at [CHANGELOG-3.5](https://github.com/etcd-io/
 
 - Add [`DowngradeInfo` to endpoint status response](https://github.com/etcd-io/etcd/pull/19471)
 
+### Dependencies
+
+- Bump [golang.org/x/crypto to v0.35.0 to address CVE-2025-22869](https://github.com/etcd-io/etcd/pull/19480).
+
 ## v3.6.0-rc.0 (2025-02-13)
 
 See [code changes](https://github.com/etcd-io/etcd/compare/v3.5.0...v3.6.0).