Added CVE code to ChangeLog

commit: 8b846b88047fd15947d669692cfc567f4202882e [log] [tgz]
author: Simon Butcher <simon.butcher@arm.com> Mon Oct 05 17:34:19 2015 +0100
committer: Simon Butcher <simon.butcher@arm.com> Mon Oct 05 17:34:19 2015 +0100
tree: 35011cf02ec3de836f9dd9b5215538a9e10eb814
parent: ac4461f783ea526c9a57b1c88702a1dbb2da6076 [diff]
diff --git a/ChangeLog b/ChangeLog
index 459897a..ce5b2c5 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -3,9 +3,9 @@
 = Version 1.2.17 released 2015-10-xx
 
 Security
-   * Fix possible heap buffer overflow in SSL if a very long hostname is used.
-     Can be trigerred remotely if you accept hostnames from untrusted parties.
-     Found by Guido Vranken, Intelworks.
+   * Fix for CVE-2015-5291. Possible heap buffer overflow in SSL if a very long
+     hostname is used. Can be trigerred remotely if you accept hostnames from
+     untrusted parties. Found by Guido Vranken, Intelworks.
    * Fix stack buffer overflow in pkcs12 decryption (used by
      mbedtls_pk_parse_key(file)() when the password is > 129 bytes. Found by
      Guido Vranken, Intelworks. Not triggerable remotely.
commit	8b846b88047fd15947d669692cfc567f4202882e	[log] [tgz]
author	Simon Butcher <simon.butcher@arm.com>	Mon Oct 05 17:34:19 2015 +0100
committer	Simon Butcher <simon.butcher@arm.com>	Mon Oct 05 17:34:19 2015 +0100
tree	35011cf02ec3de836f9dd9b5215538a9e10eb814
parent	ac4461f783ea526c9a57b1c88702a1dbb2da6076 [diff]