Fix overread when verifying SERVER_HELLO in DTLS
diff --git a/ChangeLog b/ChangeLog
index 60383a9..ca6f928 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -29,6 +29,8 @@
a contribution from Tobias Tangemann. #541
* Fixed cert_app sample program for debug output and for use when no root
certificates are provided.
+ * Fix potential byte overread when verifying malformed SERVER_HELLO in
+ ssl_parse_hello_verify_request() for DTLS. Found by Guido Vranken.
Changes
* Extended test coverage of special cases, and added new timing test suite.