Update CHANGELOG.md with critical server stability and DoS protection fixes

- Documented comprehensive bounds checking in wssshd2/websocket.c
- Added details about JSON structure validation
- Listed parameter length limits for security
- Explained DoS attack prevention measures
- Described heap corruption prevention through validated operations

CHANGELOG.md

@@ -54,13 +54,25 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - Maintains transfer performance while improving stability for large files
 
 - **WebSocket Message Parsing Bounds Checking**: Critical security fix for heap corruption
-  - Added comprehensive bounds validation to all WebSocket message parsing in wsssht.c
+  - Added comprehensive bounds validation to all WebSocket message parsing in wsssht.c and wssshd2/websocket.c
   - Prevents buffer overflows from malformed JSON messages that could corrupt heap metadata
   - Validates all string operations stay within payload buffer limits
   - Added length validation for data fields to prevent excessive memory allocation
   - Protects against crashes from corrupted or malicious WebSocket frames
   - Enhanced error handling with debug logging for malformed messages
 
+- **Server Stability and DoS Protection**: Critical security fix preventing server crashes
+  - wssshd server now validates JSON structure before processing messages
+  - Added bounds checking for all parameter extractions (client_id, password, request_id, etc.)
+  - Implemented reasonable length limits to prevent buffer overflows:
+    * client_id: max 64 characters
+    * password: max 256 characters
+    * request_id: max 64 characters
+    * enc/service/version: max 32 characters each
+  - Server logs errors and continues running instead of crashing on malformed packets
+  - Defense against DoS attacks via crafted WebSocket messages
+  - Heap corruption prevention through validated memory operations
+
 ## [1.6.5] - 2025-09-19
 
 ### Added