Fix possible buffer overflow with PSK
diff --git a/ChangeLog b/ChangeLog
index e57b5a4..5beeb35 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -25,10 +25,11 @@
Security
* Forbid change of server certificate during renegotiation to prevent
- "triple handshake" attack when authentication mode is optional (the
+ "triple handshake" attack when authentication mode is 'optional' (the
attack was already impossible when authentication is required).
* Check notBefore timestamp of certificates and CRLs from the future.
* Forbid sequence number wrapping
+ * Fix possible buffer overflow with overlong PSK
Bugfix
* ecp_gen_keypair() does more tries to prevent failure because of