Fix 1 byte overread in mbedtls_asn1_get_int()
diff --git a/ChangeLog b/ChangeLog
index e6a4dbc..8d76eb9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -31,13 +31,13 @@
      a contribution from Tobias Tangemann. #541
    * Fixed cert_app sample program for debug output and for use when no root
      certificates are provided.
+   * Fix conditional statement that would cause a 1 byte overread in
+     mbedtls_asn1_get_int(). Found and fixed by Guido Vranken.
    * Fixed pthread implementation to avoid unintended double initialisations
      and double frees. (found by Niklas Amnebratt)
    * Fixed the sample applications gen_key.c, cert_req.c and cert_write.c for
      builds where the configuration MBEDTLS_PEM_WRITE_C is not defined. Found
      by inestlerode. #559.
-   * Fixed default threading implementation to avoid accidental double
-     initialisations and double frees.
 
 Changes
    * Extended test coverage of special cases, and added new timing test suite.