Add ChangeLog entry Signed-off-by: Janos Follath <janos.follath@arm.com>

commit: ef15ce502c99dcbb92c7ce910d6aae2a21a0a5f5 [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Fri Jun 25 13:43:59 2021 +0100
committer: Janos Follath <janos.follath@arm.com> Fri Jun 25 14:59:30 2021 +0100
tree: 3c6756de9cffb1b2d06991b395d6990e3524f01a
parent: bc58902a32cede7a26fe5b66bbc3d5b07ac9343d [diff]
diff --git a/ChangeLog.d/reject-low-order-points-early.txt b/ChangeLog.d/reject-low-order-points-early.txt
new file mode 100644
index 0000000..eb73569
--- /dev/null
+++ b/ChangeLog.d/reject-low-order-points-early.txt

@@ -0,0 +1,6 @@
+Security
+   * An adversary with access to precise enough timing information (typically, a
+     co-located process) could recover a Curve25519 or Curve448 static ECDH key
+     after inputting a chosen public key and observing the victim performing the
+     corresponding private-key operation. Found and reported by Leila Batina,
+     Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe.
commit	ef15ce502c99dcbb92c7ce910d6aae2a21a0a5f5	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Fri Jun 25 13:43:59 2021 +0100
committer	Janos Follath <janos.follath@arm.com>	Fri Jun 25 14:59:30 2021 +0100
tree	3c6756de9cffb1b2d06991b395d6990e3524f01a
parent	bc58902a32cede7a26fe5b66bbc3d5b07ac9343d [diff]