Add ChangeLog entry

commit: d71f31bfb71ae7f95ae573566298721148b16b8a [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Mon Nov 11 14:15:00 2019 +0000
committer: Janos Follath <janos.follath@arm.com> Mon Nov 11 14:15:00 2019 +0000
tree: bf4ee9030a7648bff26eaee7d7ab9992ec8d2465
parent: e25f1ee44d459567104e5f227fe9fca7de564c18 [diff]
diff --git a/ChangeLog b/ChangeLog
index c92e429..c2dac3e 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -2,6 +2,12 @@
 
 = mbed TLS 2.16.x branch released xxxx-xx-xx
 
+Security
+   * Fix side channel vulnerability in ECDSA key generation. Obtaining precise
+     timings on the comparison in the key generation enabled the attacker to
+     learn leading bits of the ephemeral key used during ECDSA signatures and to
+     recover the private key. Reported by Jeremy Dubeuf.
+
 Bugfix
    * Remove redundant line for getting the bitlen of a bignum, since the variable
      holding the returned value is overwritten a line after.
commit	d71f31bfb71ae7f95ae573566298721148b16b8a	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Mon Nov 11 14:15:00 2019 +0000
committer	Janos Follath <janos.follath@arm.com>	Mon Nov 11 14:15:00 2019 +0000
tree	bf4ee9030a7648bff26eaee7d7ab9992ec8d2465
parent	e25f1ee44d459567104e5f227fe9fca7de564c18 [diff]