Changelog entry for xxdh_psa_peerkey size validation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

commit: b782415e1bd6df03543223e1c653641d9dcd946a [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Mon Oct 02 15:08:37 2023 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Mon Oct 02 15:08:37 2023 +0200
tree: 5f769f8028a67f0dc71327d80dabfd1c5f4bf35b
parent: c29df535eea63765e6a0fa91da4a736595fe9898 [diff]
diff --git a/ChangeLog.d/xxx_psa_peerkey.txt b/ChangeLog.d/xxx_psa_peerkey.txt
new file mode 100644
index 0000000..1ba1510
--- /dev/null
+++ b/ChangeLog.d/xxx_psa_peerkey.txt

@@ -0,0 +1,6 @@
+Security
+   * Fix a remotely exploitable heap buffer overflow in TLS handshake parsing.
+     In TLS 1.3, all configurations are affected except PSK-only ones.
+     In TLS 1.2, the affected configurations are those with
+     MBEDTLS_USE_PSA_CRYPTO and ECDH enabled but DHM and RSA disabled.
+     Credit to OSS-Fuzz.
commit	b782415e1bd6df03543223e1c653641d9dcd946a	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Mon Oct 02 15:08:37 2023 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Mon Oct 02 15:08:37 2023 +0200
tree	5f769f8028a67f0dc71327d80dabfd1c5f4bf35b
parent	c29df535eea63765e6a0fa91da4a736595fe9898 [diff]