diff --git a/CHANGELOG.md b/CHANGELOG.md
index 38ea2f8d0..50841089c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,7 @@
 ## Unreleased
 
 #### Merged Pull Requests
+- Explicitly pin openssl to 1.0.2zi to avoid a CVE - inspec-6 [#6825](https://github.com/inspec/inspec/pull/6825) ([clintoncwolfe](https://github.com/clintoncwolfe))
 - Openssl upgrade with version 1.1.1w [#6748](https://github.com/inspec/inspec/pull/6748) ([Nik08](https://github.com/Nik08))
 - Pin Thor to < 1.3.0 to fix test failures related to aliases [#6815](https://github.com/inspec/inspec/pull/6815) ([Vasu1105](https://github.com/Vasu1105))
 <!-- latest_release -->
@@ -39,6 +40,7 @@
 ### Changes since 5.22.13 release
 
 #### Merged Pull Requests
+- Explicitly pin openssl to 1.0.2zi to avoid a CVE - inspec-6 [#6825](https://github.com/inspec/inspec/pull/6825) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 6.4.75 -->
 - Openssl upgrade with version 1.1.1w [#6748](https://github.com/inspec/inspec/pull/6748) ([Nik08](https://github.com/Nik08)) <!-- 6.4.75 -->
 - Pin Thor to &lt; 1.3.0 to fix test failures related to aliases [#6815](https://github.com/inspec/inspec/pull/6815) ([Vasu1105](https://github.com/Vasu1105)) <!-- 6.4.75 -->
 - Fixed `inspec json` ability to use cli options successfully [#6796](https://github.com/inspec/inspec/pull/6796) ([Nik08](https://github.com/Nik08)) <!-- 6.4.75 -->