Adapt ChangeLog
diff --git a/ChangeLog b/ChangeLog
index da29d70..0e9fa29 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,16 @@
dates on leap years with 100 and 400 intervals are handled correctly. Found
by Nicholas Wilson. #694
+Security
+ * Fix a potential heap buffer overflow in mbedtls_ssl_write. When the (by
+ default enabled) maximum fragment length extension is disabled in the
+ config and the application data buffer passed to mbedtls_ssl_write
+ is larger than the internal message buffer (16384 bytes by default), the
+ latter overflows. The exploitability of this issue depends on whether the
+ application layer can be forced into sending such large packets. The issue
+ was independently reported by Tim Nordell via e-mail and by Florin Petriuc
+ and sjorsdewit on GitHub. Fix proposed by Florin Petriuc in #1022. Fixes #707.
+
= mbed TLS 2.1.9 branch released 2017-08-10
Security