Improve description of who is affected Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: a9e7ac9811054b14c3e754a2735b7ff70e0cf8ad [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Thu Jun 27 10:59:55 2024 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Thu Jun 27 10:59:55 2024 +0200
tree: 5be4bc0d8cce10218f8609bd029c1d37707a0472
parent: db81d7efb0482a661722d9392ec11c1fabea5479 [diff]
diff --git a/ChangeLog.d/ecdsa-conversion-overflow.txt b/ChangeLog.d/ecdsa-conversion-overflow.txt
index 00cac06..83b7f2f 100644
--- a/ChangeLog.d/ecdsa-conversion-overflow.txt
+++ b/ChangeLog.d/ecdsa-conversion-overflow.txt

@@ -1,4 +1,6 @@
 Security
    * Fix a stack buffer overflow in mbedtls_ecdsa_der_to_raw() and
-     mbedtls_ecdsa_raw_to_der() when curve_bits is larger than the
-     largest supported curve.
+     mbedtls_ecdsa_raw_to_der() when the bits parameter is larger than the
+     largest supported curve. In some configurations with PSA disabled,
+     all values of bits are affected. This never happens in internal library
+     calls, but can affect applications that call these functions directly.
commit	a9e7ac9811054b14c3e754a2735b7ff70e0cf8ad	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Thu Jun 27 10:59:55 2024 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Thu Jun 27 10:59:55 2024 +0200
tree	5be4bc0d8cce10218f8609bd029c1d37707a0472
parent	db81d7efb0482a661722d9392ec11c1fabea5479 [diff]