From 6a4688fdb158b4f4783e4051e045fbaaaf09b67b Mon Sep 17 00:00:00 2001
From: Akinori MUSHA <knu@idaemons.org>
Date: Fri, 30 Sep 2016 19:26:31 +0900
Subject: [PATCH] Add an entry for the previous change

---
 CHANGELOG.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f3a318d..ba04f6f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,9 @@
+## 1.0.3 (2016-09-30)
+
+- Treat comma as normal character in HTTP::Cookie.cookie_value_to_hash
+  instead of key-value pair separator.  This should fix the problem
+  described in CVE-2016-7401.
+
 ## 1.0.2 (2013-09-10)
 
   - Fix HTTP::Cookie.parse so that it does not raise ArgumentError