From ec1d28ea24df4db36a39f4f2aaa8db048e8a3782 Mon Sep 17 00:00:00 2001
From: David Cooper <david.cooper@nist.gov>
Date: Tue, 11 Mar 2025 12:44:46 -0700
Subject: [PATCH] Update CHANGELOG.md and CREDITS.md

This commit adds information about #2687, #2688, and #2690 to the change log.
---
 CHANGELOG.md | 4 ++--
 CREDITS.md   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 602b265..b382c63 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,7 +8,7 @@
 * Remove "negotiated cipher / protocol"
 * Provide a better verdict wrt to server order: Now per protocol and ciphers are weighted for each protocol
 * Switched to multi-stage docker image with opensuse base to avoid musl libc issues, performance gain also
-* Improved compatibility with OpenSSL 3.0
+* Improved compatibility with OpenSSL 3.0 and higher versions
 * Improved compatibility with Open/LibreSSL versions not supporting TLS 1.0-1.1 anymore
 * Renamed PFS/perfect forward secrecy --> FS/forward secrecy
 * Cipher list straightening
@@ -35,7 +35,7 @@
 * Wildcard certificates: detection and warning
 * TLS 1.2 and TLS 1.3 sig algs added
 * Check for ffdhe groups
-* Check for three KEMs in draft-kwiatkowski-tls-ecdhe-mlkem/draft-tls-westerbaan-xyber768d00
+* Check for six KEMs in draft-connolly-tls-mlkem-key-agreement/draft-kwiatkowski-tls-ecdhe-mlkem/draft-tls-westerbaan-xyber768d00
 * Show server supported signature algorithms
 * --add-ca can also now be a directory with \*.pem files
 * Warning of 398 day limit for certificates issued after 2020/9/1
diff --git a/CREDITS.md b/CREDITS.md
index 1290d9d..345dbdb 100644
--- a/CREDITS.md
+++ b/CREDITS.md
@@ -33,7 +33,7 @@ Full contribution, see git log.
   - RFC 8879, certificate compression
   - 128 cipher limit, padding
   - compatibility for LibreSSL and different OpenSSL versions
-  - Check for ffdhe groups
+  - Check for ffdhe and ML-KEM groups
   - TLS 1.2 and TLS 1.3 sig algs added
   - Show server supported signature algorithms
   - Show supported certification authorities sent by the server when client auth is requested