From 21feae58cbc66c675e7ccf40ae1037ec7111cbd1 Mon Sep 17 00:00:00 2001
From: k-stachowiak <krzysiek.stachowiak@gmail.com>
Date: Mon, 9 Jul 2018 14:42:35 +0200
Subject: [PATCH] Update change log

---
 ChangeLog         | 5 +++++
 library/ssl_tls.c | 1 -
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 305eef60b..115f56ec8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,11 @@ mbed TLS ChangeLog (Sorted per branch, date)
 
 = mbed TLS x.x.x branch released xxxx-xx-xx
 
+Security
+   * Fix a potential memory leak in mbedtls_ssl_setup( ) function. An allocation
+     failure could leave an unreleased buffer. A handshake init failure would
+     lead to leaving two unreleased buffers.
+
 Features
    * Add new crypto primitives from RFC 7539: stream cipher Chacha20, one-time
      authenticator Poly1305 and AEAD construct Chacha20-Poly1305. Contributed by
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f4a34b17c..661263abd 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5672,7 +5672,6 @@ int mbedtls_ssl_setup( mbedtls_ssl_context *ssl,
                        const mbedtls_ssl_config *conf )
 {
     int err;
-    const size_t len = MBEDTLS_SSL_BUFFER_LEN;
 
     ssl->conf = conf;