From 0c628ae52e1ec3a1612ed3f63f1607c6b2297c60 Mon Sep 17 00:00:00 2001
From: Shawn Carey <shawn.carey@netfoundry.io>
Date: Fri, 8 Mar 2024 10:59:11 -0500
Subject: [PATCH] update changelog

---
 CHANGELOG.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 358d48d86..f46a1271c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,23 @@
+# Release 0.32.3
+
+## What's New
+
+* Bugfixes
+
+## Default Bind/Dial service permissions for Admin identities
+
+Admin identities were able to Dial and Bind all services regardless of the effective service policies
+prior to this release. This could lead to a confusing situation where a tunneler that was assuming an Admin
+identity would put itself into an infinite connect-loop when a service's host.v1 address overlapped with
+any addresses in its intercept configuration.
+
+Please create service policies to grant Bind or Dial permissions to Admin identities as needed. 
+
+## Component Updates and Bug Fixes
+
+* github.com/openziti/ziti: [v0.32.2 -> v0.32.3](https://github.com/openziti/ziti/compare/v0.32.2...v0.32.3)
+  * [Issue #1781](https://github.com/openziti/ziti/issues/1781) - Admin identities have bind and dial permissions to services
+
 # Release 0.32.2
 
 ## What's New