Fix possible client crash on API misuse
diff --git a/ChangeLog b/ChangeLog
index 2030ceb..8c602fa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,11 @@
= mbed TLS 1.3.13 reladsed 2015-??-??
+Security
+ * Fix possible client-side NULL pointer dereference (read) when the client
+ tries to continue the handshake after it failed (a misuse of the API).
+ (Found by GDS Labs using afl-fuzz, patch provided by GDS Labs.)
+
Bugfix
* Setting SSL_MIN_DHM_BYTES in config.h had no effect (overriden in ssl.h)
(found by Fabio Solari) (#256)