From 2c4f9460ea98ca0a1d5eefbd10cf6c33c3629b7e Mon Sep 17 00:00:00 2001 From: Simon Butcher Date: Sat, 30 Sep 2017 23:39:46 +0100 Subject: [PATCH] Update ChangeLog for fix to #836 --- ChangeLog | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8729c87e2..ad773c73a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ Features Bugfix * Fix ssl_parse_record_header() to silently discard invalid DTLS records as recommended in RFC 6347 Section 4.1.2.7. + * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times. + Found by projectgus and jethrogb, #836. = mbed TLS 2.6.0 branch released 2017-08-10 @@ -198,8 +200,6 @@ Security team. #569 CVE-2017-2784 Bugfix - * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times. - Found by jethrogb, #836. * Fix output certificate verification flags set by x509_crt_verify_top() when traversing a chain of trusted CA. The issue would cause both flags, MBEDTLS_X509_BADCERT_NOT_TRUSTED and MBEDTLS_X509_BADCERT_EXPIRED, to be