From 34d31346d3b6aa241baf756a23f980e76222fa56 Mon Sep 17 00:00:00 2001
From: Richard Bradfield <bradfier@fstab.me>
Date: Wed, 22 Dec 2021 12:14:29 +0000
Subject: [PATCH] Release v3.5.0

---
 CHANGELOG.md | 8 ++++++++
 Cargo.toml   | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5b93d2860..d638fa016 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,13 @@
 # Changelog
 
+## Version 3.5
+- Replaced our use of the `brotli2` crate with the alternative pure Rust implementation
+  [`brotli`](https://github.com/dropbox/rust-brotli). This removes Rouille's vulnerability to
+  [RUSTSEC-2021-0131](https://rustsec.org/advisories/RUSTSEC-2021-0131.html), which existed due to `brotli-sys`
+  bundling a vulnerable version of the underlying C library.
+- Unpinned `time-rs` and as a result increased our MSRV to 1.51, we don't have a formal MSRV policy and the ecosystem
+  is making it more and more difficult to support compiler versions more than about 6 months old.
+
 ## Version 3.4
 - Resolved a number of cleanup & refactoring TODOs
 - Correctly identify non-lowercase content types as text (e.g. `text/JSON`
diff --git a/Cargo.toml b/Cargo.toml
index b9de89364..66e5ea287 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "rouille"
-version = "3.4.0"
+version = "3.5.0"
 authors = ["Pierre Krieger <pierre.krieger1708@gmail.com>"]
 license = "MIT/Apache-2.0"
 repository = "https://github.com/tomaka/rouille"