diff --git a/ChangeLog b/ChangeLog
index 55e8cf16a..4e919c98a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,8 @@ Security
      and omitted for the sake of saving memory, but potentially
      leading to slight timing differences.
      Reported by Marco Macchetti, Kudelski Group.
+   * Wipe stack buffer temporarily holding EC private exponent
+     after keypair generation.
 
 Bugfix
    * Fix ssl_parse_record_header() to silently discard invalid DTLS records