From 6858911a46d102d1ee679fae87ab0054afa11eeb Mon Sep 17 00:00:00 2001
From: Tony Arcieri
Date: Thu, 28 May 2026 13:00:26 -0600
Subject: [PATCH] cmov v0.5.4

---
 Cargo.lock | 2 +-
 cmov/CHANGELOG.md | 7 +++++++
 cmov/Cargo.toml | 2 +-
 cmov/README.md | 2 ++
 4 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 50508cbd..35d29c58 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -63,7 +63,7 @@ checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801"
 [[package]]
 name = "cmov"
-version = "0.5.3"
+version = "0.5.4"
 dependencies = [
 "proptest",
 ]
diff --git a/cmov/CHANGELOG.md b/cmov/CHANGELOG.md
index 249fe6e5..564787d9 100644
--- a/cmov/CHANGELOG.md
+++ b/cmov/CHANGELOG.md
@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## 0.5.4 (2026-05-28)
+### Security
+- Fix [GHSA-3rjw-m598-pq24]: `Cmov`/`CmovEq` on `aarch64` can produce wrong results if high-bits of registers are set ([dba6c355])
+
+[GHSA-3rjw-m598-pq24]: https://github.com/RustCrypto/utils/security/advisories/GHSA-3rjw-m598-pq24
+[dba6c355]: https://github.com/RustCrypto/utils/commit/dba6c355c9f241e3726d5ec2a68f9f3b519f6063
+
 ## 0.5.3 (2026-04-02)
 ### Added
 - Impl `Cmov`/`CmovEq` for `NonZeroUsize`/`NonZeroIsize` ([#1415])
diff --git a/cmov/Cargo.toml b/cmov/Cargo.toml
index 32349e31..54e48a06 100644
--- a/cmov/Cargo.toml
+++ b/cmov/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "cmov"
-version = "0.5.3"
+version = "0.5.4"
 authors = ["RustCrypto Developers"]
 edition = "2024"
 rust-version = "1.85"
diff --git a/cmov/README.md b/cmov/README.md
index f37990d3..8b80d241 100644
--- a/cmov/README.md
+++ b/cmov/README.md
@@ -73,6 +73,7 @@ USE AT YOUR OWN RISK! Below are security issues this crate has experienced in the past:
 - [RUSTSEC-2026-0003]: Non-constant-time code generation on ARM32 targets
+- [GHSA-3rjw-m598-pq24]: `Cmov`/`CmovEq` on ARM64 can produce wrong results if high-bits of registers are set
 ## Minimum Supported Rust Version (MSRV) Policy
@@ -120,3 +121,4 @@ dual licensed as above, without any additional terms or conditions.
 [`ctutils`]: https://docs.rs/ctutils
 [open an issue]: https://github.com/RustCrypto/utils/issues
 [RUSTSEC-2026-0003]: https://rustsec.org/advisories/RUSTSEC-2026-0003.html
+[GHSA-3rjw-m598-pq24]: https://github.com/RustCrypto/utils/security/advisories/GHSA-3rjw-m598-pq24