1 files changed, 29 insertions, 0 deletions

diff --git a/ReleaseNotes b/ReleaseNotes
index d094336a66..cc2a0d920e 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -2,6 +2,35 @@ This document summarizes new features and bugfixes in each stable
 release of Tor. If you want to see more detailed descriptions of the
 changes in each development snapshot, see the ChangeLog file.
 
+Changes in version 0.4.5.16 - 2023-01-12
+  This version has one major bugfix for relay and a security fix,
+  TROVE-2022-002, affecting clients. We strongly recommend to upgrade to our
+  0.4.7.x stable series. As a reminder, this series is EOL on February 15th,
+  2023.
+
+  o Major bugfixes (relay):
+    - When opening a channel because of a circuit request that did not
+      include an Ed25519 identity, record the Ed25519 identity that we
+      actually received, so that we can use the channel for other
+      circuit requests that _do_ list an Ed25519 identity. (Previously
+      we had code to record this identity, but a logic bug caused it to
+      be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch
+      from "cypherpunks".
+
+  o Major bugfixes (TROVE-2022-002, client):
+    - The SafeSocks option had its logic inverted for SOCKS4 and
+      SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe
+      SOCKS4a one. This is TROVE-2022-002 which was reported on
+      Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha.
+
+  o Minor features (fallbackdir):
+    - Regenerate fallback directories generated on January 12, 2023.
+
+  o Minor features (geoip data):
+    - Update the geoip files to match the IPFire Location Database, as
+      retrieved on 2023/01/12.
+
+
 Changes in version 0.4.5.15 - 2022-12-06
   This version has several major changes for directory authorities. And a
   major bugfix on OSX. Again, we strongly recommend to upgrade to our 0.4.7.x