diff --git a/ChangeLog b/ChangeLog
index 13dda4db5..024854d60 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,9 +2,9 @@ mbed TLS ChangeLog (Sorted per branch, date)
 
 = mbed TLS 2.x.x branch released xxxx-xx-xx
 
-Bugfix
-   * Fix possible memory leak in mbedtls_ssl_config_free().
-     This can occur only if the user doesn't use mbedtls_ssl_conf_psk() and
+Changes
+   * Harden mbedtls_ssl_config_free() against misuse, so that it doesn't
+     leak memory in case the user doesn't use mbedtls_ssl_conf_psk() and
      instead incorrectly manipulates conf->psk and/or conf->psk_identity
      directly. Found and fix submitted by junyeonLEE in #1220.