Make link to RFC 1578 in CHANGES.md be a proper link

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21130)

(cherry picked from commit 18f82df5b14b3fba078c6c5f0f4a0bb8eee6c954)

1 files changed, 2 insertions, 3 deletions

diff --git a/CHANGES.md b/CHANGES.md
index 7d8f6f8e69..dbfe20a2e5 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -46,7 +46,7 @@ breaking changes, and mappings for the large list of deprecated functions.
    IDENTIFIER to canonical numeric text form if the size of that OBJECT
    IDENTIFIER is 586 bytes or less, and fail otherwise.
 
-   The basis for this restriction is RFC 2578 (STD 58), section 3.5. OBJECT
+   The basis for this restriction is [RFC 2578 (STD 58), section 3.5]. OBJECT
    IDENTIFIER values, which stipulates that OBJECT IDENTIFIERS may have at
    most 128 sub-identifiers, and that the maximum value that each sub-
    identifier may have is 2^32-1 (4294967295 decimal).
@@ -56,8 +56,6 @@ breaking changes, and mappings for the large list of deprecated functions.
    these restrictions may occupy is 32 * 128 / 7, which is approximately 586
    bytes.
 
-   Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5
-
    *Richard Levitte*
 
  * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms which
@@ -19656,6 +19654,7 @@ ndif
 
 <!-- Links -->
 
+[RFC 2578 (STD 58), section 3.5]: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5
 [CVE-2023-2650]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2650
 [CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255
 [CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466