Fix potential overflow in CertificateRequest
diff --git a/ChangeLog b/ChangeLog
index b53c118..b26b4b0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -21,6 +21,10 @@
* Fix possible heap buffer overflow in base64_encode() when the input
buffer is 512MB or larger on 32-bit platforms.
Found by Guido Vranken. Not trigerrable remotely in TLS.
+ * Fix potential heap buffer overflow in servers that perform client
+ authentication against a crafted CA cert. Cannot be triggered remotely
+ unless you allow third parties to pick trust CAs for client auth.
+ Found by Guido Vranken.
= mbed TLS 1.3.13 released 2015-09-17