Update change log

commit: d3cec993774f638540051501ba8617bc1e37cfbb [log] [tgz]
author: Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> Wed Mar 14 11:52:22 2018 +0100
committer: Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com> Wed Mar 14 14:39:01 2018 +0100
tree: b6ce17ff0787a532429a9e1f2e9f9532017562fd
parent: c86b880411191c3e56105ea1bcd45314a73d77dc [diff]
diff --git a/ChangeLog b/ChangeLog
index ed7818e..acb5330 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -446,6 +446,10 @@
 
 = mbed TLS 2.1.0 released 2015-09-04
 
+Security
+   * Fix a buffer overread in ssl_parse_server_key_exchange() that could cause
+     a crash on invalid input.
+
 Features
    * Added support for yotta as a build system.
    * Primary open source license changed to Apache 2.0 license.
@@ -481,6 +485,8 @@
    * Fix unused function warning when using MBEDTLS_MDx_ALT or
      MBEDTLS_SHAxxx_ALT (found by Henrik) (#239)
    * Fix memory corruption in pkey programs (found by yankuncheng) (#210)
+   * Fix a possible arithmetic overflow in ssl_parse_server_key_exchange()
+     that could cause a key exchange to fail on valid data.
 
 Changes
    * The PEM parser now accepts a trailing space at end of lines (#226).
commit	d3cec993774f638540051501ba8617bc1e37cfbb	[log] [tgz]
author	Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>	Wed Mar 14 11:52:22 2018 +0100
committer	Krzysztof Stachowiak <krzysiek.stachowiak@gmail.com>	Wed Mar 14 14:39:01 2018 +0100
tree	b6ce17ff0787a532429a9e1f2e9f9532017562fd
parent	c86b880411191c3e56105ea1bcd45314a73d77dc [diff]