Add changelog entry for mbedtls_ecdh_get_params robustness

commit: 661610c8e03c657b13ad5d86fa497e57aed5b2a5 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Wed Nov 07 22:39:16 2018 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Fri Feb 22 10:24:31 2019 +0100
tree: 39bc1b84ad59648c3017e7ecc033e53c1580fc52
parent: b47045a18e870d859cbc06b2a26634835d77a0d7 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 9b1230e..4d347b6 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -2,6 +2,14 @@
 
 = mbed TLS 2.x.x branch released xxxx-xx-xx
 
+Security
+   * Make mbedtls_ecdh_get_params return an error if the second key
+     belongs to a different group from the first. Before, if an application
+     passed keys that belonged to different group, the first key's data was
+     interpreted according to the second group, which could lead to either
+     an error or a meaningless output from mbedtls_ecdh_get_params. In the
+     latter case, this could expose at most 5 bits of the private key.
+
 Bugfix
    * Fix a compilation issue with mbedtls_ecp_restart_ctx not being defined
      when MBEDTLS_ECP_ALT is defined. Reported by jwhui. Fixes #2242.
commit	661610c8e03c657b13ad5d86fa497e57aed5b2a5	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Wed Nov 07 22:39:16 2018 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Feb 22 10:24:31 2019 +0100
tree	39bc1b84ad59648c3017e7ecc033e53c1580fc52
parent	b47045a18e870d859cbc06b2a26634835d77a0d7 [diff] [blame]