DHM: Fix dhm_check_range() always returning 0
Although the variable ret was initialised to an error, the
MBEDTLS_MPI_CHK macro was overwriting it. Therefore it ended up being
0 whenewer the bignum computation was successfull and stayed 0
independently of the actual check.
diff --git a/ChangeLog b/ChangeLog
index 8f7843d..24bcde5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,10 @@
mbed TLS ChangeLog (Sorted per branch, date)
-= mbed TLS 2.1.x released xxxx-xx-xx
+= mbed TLS 2.1.x branch released xxxx-xx-xx
+
+Security
+ * Fix dhm_check_range() failing to detect trivial subgroups and potentially
+ leaking 1 bit of the private key. Reported by prashantkspatil.
Bugfix
* Fix ssl_parse_record_header() to silently discard invalid DTLS records