From 8c6cab6bc918fe3647b18ce90828d04589109c9b Mon Sep 17 00:00:00 2001
From: Florian Bruhin <me@the-compiler.org>
Date: Sat, 2 May 2020 19:26:11 +0200
Subject: Update changelog

---
 doc/changelog.asciidoc | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc
index 436bf16f1..3c438f6fc 100644
--- a/doc/changelog.asciidoc
+++ b/doc/changelog.asciidoc
@@ -15,6 +15,20 @@ breaking changes (such as renamed commands) can happen in minor releases.
 // `Fixed` for any bug fixes.
 // `Security` to invite users to upgrade in case of vulnerabilities.
 
+v1.11.1 (unreleased)
+--------------------
+
+Security
+~~~~~~~~
+
+- After a certificate error was overridden by the user, qutebrowser displays
+  the URL as yellow (`colors.statusbar.url.warn.fg`). However, when the
+  affected website was subsequently loaded again, the URL was mistakenly
+  displayed as green (`colors.statusbar.url.success_https`). While the user
+  already has seen a certificate error prompt at this point (or set
+  `content.ssl_strict` to `false` which is not recommended), this could still
+  provide a false sense of security. This is now fixed.
+
 v1.11.0 (2020-04-27)
 --------------------
 
-- 
cgit v1.2.3-54-g00ecf