Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites
In case full SSL frames arrived, they were rejected because an overly
strict padding check.
diff --git a/ChangeLog b/ChangeLog
index d58df3a..1d3277c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,8 @@
* Typos in platform.c and pkcs11.c (found by Daniel Phillips and Steffan
Karger)
* cert_write app should use subject of issuer certificate as issuer of cert
+ * Fix false reject in padding check in ssl_decrypt_buf() for CBC
+ ciphersuites, for full SSL frames of data.
= PolarSSL 1.3.6 released on 2014-04-11