Update ChangeLog
diff --git a/ChangeLog b/ChangeLog
index fcf1019..1ea2a2b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,14 +9,16 @@
      corrupt 6 bytes on the peer's heap, potentially leading to crash or
      remote code execution. This can be triggered remotely from either
      side in both TLS and DTLS.
+   * Fix implementation of truncated HMAC extension leading to
+     compatibility problems with non Mbed TLS peers and allowing
+     an offline 2^80 brute force attack on the HMAC key of a single,
+     uninterrupted (excluding session resumption) connection.
+     Found by Andreas Walz.
 
 Features
    * Allow comments in test data files.
 
 Bugfix
-   * Fix wrong implementation of truncated HMAC extension leading to
-     compatibility problems with peers not running Mbed TLS. Found by
-     Andreas Walz.
    * Fix ssl_parse_record_header() to silently discard invalid DTLS records
      as recommended in RFC 6347 Section 4.1.2.7.
    * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
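Review bot: The added entry is harder to read than the Bugfix text it replaces, and its scope is ambiguous in two places. "non Mbed TLS peers" would be clearer as the removed wording, "peers not running Mbed TLS". The phrase "a single, uninterrupted (excluding session resumption) connection" can be read either way: the 2^80 attack stops applying once a session is resumed, or resumed sessions still count as the same connection. Please state which one is meant. The entry also gives users no way to judge their exposure. It does not say whether the problem only arises when the truncated HMAC extension is negotiated, and it no longer fits the one-line pattern of the neighbouring entries, so a short sentence on the affected condition would help. Finally, the commit message "Update ChangeLog" does not mention that the entry moves out of Bugfix into the section above Features and gains a security impact statement. Since that reclassification is the substance of the change, the message should say so.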