Add CHANGELOG entry for 0.0.120

Author: TheBlueMatt

CHANGELOG.md

@@ -1,3 +1,41 @@
+# 0.0.120 - XXX - "Blinded Fuzzers"
+
+## API Updates
+ * The `PeerManager` bound on `UtxoLookup` was removed entirely. This enables
+   use of `UtxoLookup` in cases broken in 0.0.119 by #2773 (#2822).
+ * LDK now exposes and fully implements the route blinding feature (#2812).
+ * The `lightning-transaction-sync` crate no longer relies on system time
+   without the `time` feature (#2799, #2817).
+ * `lightning::onion_message`'s module layout has changed (#2821).
+ * `Event::ChannelClosed` now includes the `channel_funding_txo` (#2800).
+ * `CandidateRouteHop` variants were destructured into individual structs,
+   hiding some fields which were not generally consumable (#2802).
+
+## Bug Fixes
+ * Fixed a rare issue where `lightning-net-tokio` may not fully flush its send
+   buffer, leading to connection hangs (#2832).
+ * Fixed a panic which may occur when connecting to a peer if we opened a second
+   channel with that peer while they were disconnected (#2808).
+ * `Feature`'s `Eq` and `Hash` implementation now ignore dummy bytes (#2808).
+ * Some missing `DiscardFunding` or `ChannelClosed` events are now generated in
+   rare funding-related failures (#2809).
+ * Fixed a privacy issue in blinded path generation where the real
+   `cltv_expiry_delta` would be exposed to senders (#2831).
+
+## Security
+0.0.120 fixes a denial-of-service vulnerability which is reachable from
+untrusted input from peers if the `UserConfig::manually_accept_inbound_channels`
+option is enabled.
+ * A peer which sent an `open_channel` message with the `channel_type` field
+   unfilled would trigger a reachable `unwrap` since LDK XXX (#2808).
+ * In protocols where a funding output is shared with our counterparty before
+   it is given to LDK, a malicious peer could have caused a reachable panic
+   by reusing the same funding info in (#2809).
+
+XXX add stats
+
+## Bug Fixes
+
 # 0.0.119 - Dec 15, 2023 - "Spring Cleaning for Christmas"
 
 ## API Updates