diff --git a/CHANGES b/CHANGES
index fd471941e9..861199619f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5956.	[func]		Make RRL code treat all QNAMEs that are subject to
+			wildcard processing within a given zone as the same
+			name. [GL #3459]
+
 5955.	[port]		The libxml2 library has deprecated the usage of
 			xmlInitThreads() and xmlCleanupThreads() functions. Use
 			xmlInitParser() and xmlCleanupParser() instead.
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index bb08996b3f..0eb5aea3d1 100644
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -35,6 +35,10 @@ Removed Features
 Feature Changes
 ~~~~~~~~~~~~~~~
 
+- Response Rate Limiting (RRL) code now treats all QNAMEs that are
+  subject to wildcard processing within a given zone as the same name,
+  to prevent circumventing the limits enforced by RRL. :gl:`#3459`
+
 - Zones using ``dnssec-policy`` now require dynamic DNS or
   ``inline-signing`` to be configured explicitly :gl:`#3381`.