Add Changelog entry for RSA exponent blinding
diff --git a/ChangeLog b/ChangeLog
index 7117d40..9cc5683 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,13 @@
= mbed TLS 2.x.x branch released xxxx-xx-xx
+Security
+ * Add exponent blinding to RSA private operations as a countermeasure
+ against side-channel attacks like the cache attack described in
+ https://arxiv.org/abs/1702.08719v2.
+ Found and fix proposed by Michael Schwarz, Samuel Weiser, Daniel Gruss,
+ Clémentine Maurice and Stefan Mangard.
+
Feature
* Add a new configuration option to 'mbedtls_ssl_config' to enable
suppressing the CA list in Certificate Request messages. The default