From 924e3ab05ca56e53ebcb994e4a63977e56f06d2f Mon Sep 17 00:00:00 2001 From: Mike Dalessio Date: Thu, 9 Jun 2022 18:21:38 -0400 Subject: [PATCH] update CHANGELOG for v1.4.3 --- CHANGELOG.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d6399fb..5e6ebd5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,14 @@ +## 1.4.3 / 2022-06-09 + +* Address a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. + + Prevent the combination of `select` and `style` as allowed tags in SafeListSanitizer. + + Fixes CVE-2022-32209 + + *Mike Dalessio* + + ## 1.4.2 / 2021-08-23 * Slightly improve performance.
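Review bot: In the new 1.4.3 entry, "Prevent the combination of `select` and `style` as allowed tags in SafeListSanitizer" does not say what the sanitizer does when an application has configured both tags. It could be that one of them is dropped, a warning is logged, or an error is raised. Someone upgrading for CVE-2022-32209 needs that to judge whether their rendered output changes, so I would add one sentence stating the resulting behaviour. The bullet above it says "certain configurations", which could simply name this `select` plus `style` case so the two lines read as one statement. Minor: the entry ends with two added blank lines before `## 1.4.2 / 2021-08-23`; confirm that matches the spacing used between the other releases in the file.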