Fix section order in the ChangeLog
diff --git a/ChangeLog b/ChangeLog
index 4ee9ea8..a319cf2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,16 @@
= mbed TLS x.x.x branch released xxxx-xx-xx
+Default behavior changes
+ * The truncated HMAC extension now conforms to RFC 6066. This means
+ that when both sides of a TLS connection negotiate the truncated
+ HMAC extension, Mbed TLS can now interoperate with other
+ compliant implementations, but this breaks interoperability with
+ prior versions of Mbed TLS. To restore the old behavior, enable
+ the (deprecated) option MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT in
+ config.h. Found by Andreas Walz (ivESK, Offenburg University of
+ Applied Sciences).
+
Security
* Fix implementation of the truncated HMAC extension. The previous
implementation allowed an offline 2^80 brute force attack on the
@@ -40,16 +50,6 @@
* MD functions deprecated in 2.7.0 are no longer inline, to provide
a migration path for those depending on the library's ABI.
-Default behavior changes
- * The truncated HMAC extension now conforms to RFC 6066. This means
- that when both sides of a TLS connection negotiate the truncated
- HMAC extension, Mbed TLS can now interoperate with other
- compliant implementations, but this breaks interoperability with
- prior versions of Mbed TLS. To restore the old behavior, enable
- the (deprecated) option MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT in
- config.h. Found by Andreas Walz (ivESK, Offenburg University of
- Applied Sciences).
-
= mbed TLS 2.7.0 branch released 2018-02-03
Security