Update change log

commit: bcb814951059a425f86f173a766cd0b504450be9 [log] [tgz]
author: Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> Wed Mar 14 11:23:34 2018 +0100
committer: Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> Wed Mar 14 11:23:34 2018 +0100
tree: 0ead24862177bfd238858128d958cea00fffdf2b
parent: 8e0b1166b67abc55abfb4969d11d01fc47d940a8 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 8db0215..725a6b1 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -46,6 +46,8 @@
    * Change default choice of DHE parameters from untrustworthy RFC 5114
      to RFC 3526 containing parameters generated in a nothing-up-my-sleeve
      manner.
+   * Fix a buffer overread in ssl_parse_server_psk_hint() that could cause a
+     crash on invalid input.
 
 Features
    * Allow comments in test data files.
@@ -180,6 +182,8 @@
    * In mbedtls_entropy_free(), properly free the message digest context.
    * Fix status handshake status message in programs/ssl/dtls_client.c. Found
      and fixed by muddog.
+   * Fix a possible arithmetic overflow in ssl_parse_server_psk_hint() that
+     could cause a key exchange to fail on valid data.
 
 Changes
    * Extend cert_write example program by options to set the certificate version
commit	bcb814951059a425f86f173a766cd0b504450be9	[log] [tgz]
author	Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>	Wed Mar 14 11:23:34 2018 +0100
committer	Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>	Wed Mar 14 11:23:34 2018 +0100
tree	0ead24862177bfd238858128d958cea00fffdf2b
parent	8e0b1166b67abc55abfb4969d11d01fc47d940a8 [diff] [blame]