Improve the changelog entry for fixing legacy compression issue
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
diff --git a/ChangeLog.d/fix-legacy-compression-issue.txt b/ChangeLog.d/fix-legacy-compression-issue.txt
index e51ee24..8b2fe23 100644
--- a/ChangeLog.d/fix-legacy-compression-issue.txt
+++ b/ChangeLog.d/fix-legacy-compression-issue.txt
@@ -1,7 +1,7 @@
Bugfix
- * Fix an issue where ssl_tls13_parse_client_hello() assumed legacy_compression_methods
- length would always be zero, which is true for TLS 1.3. However, with TLS 1.3 enabled
- by default, all ClientHello requests (including TLS 1.2 requests) are initially
- processed by ssl_tls13_parse_client_hello() before being passed to the TLS 1.2
- parsing function. This caused an issue where legacy_compression_methods
- might not be zero for TLS 1.2 requests, as it is processed earlier.
+ * Fix an issue where TLS 1.2 clients who send a ClientHello message with
+ legacy_compression_methods get a failure in connection because TLS 1.3
+ is enabled by default and the server rejects the ClientHello packet as
+ malformed for TLS 1.3 in a way that stops the fallback to TLS 1.2.
+ fixes #8995, #9243.
+
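Review bot: The new wording "TLS 1.2 clients who send a ClientHello message with legacy_compression_methods" in the first added line does not say what about the field triggers the failure. Every ClientHello carries that field, so as written the entry reads as if all TLS 1.2 clients were affected; the removed text at least tied the problem to the field's contents for TLS 1.2 requests. Suggest naming the condition, for example "with a legacy_compression_methods value that is not valid for TLS 1.3". Smaller points: "fixes #8995, #9243." should start with a capital "Fixes", "clients who" reads better as "clients that", "ClientHello packet" should be "ClientHello message" to match the first added line, and the trailing empty "+" line adds a blank line at the end of the file that can be dropped.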