Merge memory leak fix into branch 'mbedtls-1.3'
Merge of fix for memory leak in RSA-SSA signing - #372
diff --git a/ChangeLog b/ChangeLog
index 2a81894..20af9bc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,12 @@
= mbed TLS 1.3.16 released 2015-12-xx
+Security
+ * Fix potential double free when mbedtls_asn1_store_named_data() fails to
+ allocate memory. Only used for certificate generation, not triggerable
+ remotely in SSL/TLS. Found by RafaĆ Przywara. #367
+ * Disable MD5 handshake signatures in TLS 1.2 by default
+
Bugfix
* Fix over-restricive length limit in GCM. Found by Andreas-N. #362
* Fix bug in certificate validation that caused valid chains to be rejected
@@ -10,6 +16,10 @@
* Removed potential leak in mbedtls_rsa_rsassa_pkcs1_v15_sign(), found by
JayaraghavendranK. #372
+Changes
+ * Add config.h option POLARSSL_SSL_ENABLE_MD5_SIGNATURES controlling
+ use of MD5-based signatures for TLS 1.2 handshake (disabled by default).
+
= mbed TLS 1.3.15 released 2015-11-04
Security