From cee94e68245e3c91dafd3770ab4cc863673f037c Mon Sep 17 00:00:00 2001
From: Mark Collao <106274486+mcollao-hc@users.noreply.github.com>
Date: Thu, 9 May 2024 12:09:03 -0500
Subject: [PATCH] update changelog for HCSEC-2024-10 (#26864)

* update changelog for HCSEC-2024-10

* update url
---
 CHANGELOG.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 023e8b8de1..04ef632a15 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -418,6 +418,10 @@ leading to failure to complete merkle sync without a full re-index. [[GH-23013](
 ## 1.15.8 Enterprise
 ### April 24, 2024
 
+SECURITY:
+
+* core (enterprise): fix bug where http headers were displayed in the audit log of a performance standby node [HCSEC-2024-10](https://discuss.hashicorp.com/t/hcsec-2024-10-vault-enterprise-leaks-sensitive-http-request-headers-in-audit-log-when-deployed-with-a-performance-standby-node) 
+
 CHANGES:
 
 * core: Bump Go version to 1.21.9.