Include 1.2.12 release information in ChangeLog
diff --git a/ChangeLog b/ChangeLog
index bef1abe..fd83b9e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -427,6 +427,33 @@
* RSA blinding on CRT operations to counter timing attacks
(found by Cyril Arnaud and Pierre-Alain Fouque)
+= Version 1.2.12 released 2014-10-24
+
+Security
+ * Remotely-triggerable memory leak when parsing some X.509 certificates
+ (server is not affected if it doesn't ask for a client certificate).
+ (Found using Codenomicon Defensics.)
+
+Bugfix
+ * Fix potential bad read in parsing ServerHello (found by Adrien
+ Vialletelle).
+ * ssl_close_notify() could send more than one message in some circumstances
+ with non-blocking I/O.
+ * x509_crt_parse() did not increase total_failed on PEM error
+ * Fix compiler warnings on iOS (found by Sander Niemeijer).
+ * Don't print uninitialised buffer in ssl_mail_client (found by Marc Abel).
+ * Fix net_accept() regarding non-blocking sockets (found by Luca Pesce).
+ * ssl_read() could return non-application data records on server while
+ renegotation was pending, and on client when a HelloRequest was received.
+ * Fix warnings from Clang's scan-build (contributed by Alfred Klomp).
+
+Changes
+ * X.509 certificates with more than one AttributeTypeAndValue per
+ RelativeDistinguishedName are not accepted any more.
+ * ssl_read() now returns POLARSSL_ERR_NET_WANT_READ rather than
+ POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE on harmless alerts.
+ * Accept spaces at end of line or end of buffer in base64_decode().
+
= Version 1.2.11 released 2014-07-11
Features
* Entropy module now supports seed writing and reading