diff --git a/CHANGES b/CHANGES
index dc717ec3e204316808c06c66198b72db82592c13..17500c970ecfcb443b4be81d38a7e7a56f788e4f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,12 @@
                              \___|\___/|_| \_\_____|
 
                                   Changelog
+Daniel S (27 May 2007)
+- When working with a problem Stefan Becker had, I found an off-by-one buffer
+  overwrite in Curl_select(). While fixing it, I also improved its performance
+  somewhat by changing calloc to malloc and breaking out of a loop earlier
+  (when possible).
+
 Daniel S (25 May 2007)
 - Rob Crittenden fixed bug #1705802
   (http://curl.haxx.se/bug/view.cgi?id=1705802), which was filed by Daniel
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index fcd2ba95dbe10359a12757947bc215dc794193e0..e6c1540b05c6cd6dadb7dcbe2219e71be7681cf6 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -48,6 +48,7 @@ This release includes the following bugfixes:
  o memory leak when failed OpenSSL certificate CN field checking
  o memory leak when OpenSSL failed PKCS #12 parsing
  o FPL-SSL when built with NSS
+ o out-of-boundary write in Curl_select()
 
 This release includes the following known bugs: