From 19985ac42cab57bf55acb626aebfdc1194771b76 Mon Sep 17 00:00:00 2001
From: Pauli <paul.dale@oracle.com>
Date: Thu, 16 Apr 2020 07:55:17 +1000
Subject: [PATCH] news: note the addition of ECX and SHAKE256 to the FIPS
 provider as non-approved algorithms

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11371)
---
 NEWS.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/NEWS.md b/NEWS.md
index 9f29a59323..9f18f416f8 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -21,6 +21,9 @@ OpenSSL 3.0
 
 ### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0 [under development] ###
 
+  * The X25519, X448, Ed25519, Ed448 and SHAKE256 algorithms are included in
+    the FIPS provider.  None have the "fips=yes" property set and, as such,
+    will not be accidentially used.
   * The algorithm specific public key command line applications have
     been deprecated.  These include dhparam, gendsa and others.  The pkey
     alternatives should be used intead: pkey, pkeyparam and genpkey.
-- 
2.25.1