commit e84d90181643806d91acfe39452d93bed153d67a
author Hanno Becker <hanno.becker@arm.com> Wed Nov 29 16:57:06 2017 +0000
committer Hanno Becker <hanno.becker@arm.com> Fri Dec 01 10:20:47 2017 +0000
tree 951afec1cdf491375b5a115d6663b56298a5a6c0
parent e53dc43d3af5ff114b6e1183ca339532eadff883

Update ChangeLog

ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 6fdabba..1e339dc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,11 +10,13 @@
      corrupt 6 bytes on the peer's heap, potentially leading to crash or
      remote code execution. This can be triggered remotely from either
      side in both TLS and DTLS.
+   * Fix implementation of truncated HMAC extension leading to
+     compatibility problems with non Mbed TLS peers and allowing
+     an offline 2^80 brute force attack on the HMAC key of a single,
+     uninterrupted (excluding session resumption) connection.
+     Found by Andreas Walz.
 
 Bugfix
-   * Fix wrong implementation of truncated HMAC extension leading to
-     compatibility problems with peers not running Mbed TLS. Found by
-     Andreas Walz.
    * Fix ssl_parse_record_header() to silently discard invalid DTLS records
      as recommended in RFC 6347 Section 4.1.2.7.
    * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.