From 9e2543bd4f5b7fa06287e2e057088b55813bdbda Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 30 Sep 2019 15:25:18 +0200
Subject: [PATCH] Also mention HMAC_DRBG in the changelog entry

There were no tricky compliance issues for HMAC_DBRG, unlike CTR_DRBG,
but mention it anyway. For CTR_DRBG, summarize the salient issue.
---
 ChangeLog | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 70488e224..123b9b76f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -73,8 +73,9 @@ Bugfix
 Changes
    * Add unit tests for AES-GCM when called through mbedtls_cipher_auth_xxx()
      from the cipher abstraction layer. Fixes #2198.
-   * Clarify how the interface of the CTR_DRBG module relates to
-     NIST SP 800-90A.
+   * Clarify how the interface of the CTR_DRBG and HMAC modules relates to
+     NIST SP 800-90A. In particular CTR_DRBG requires an explicit nonce
+     to achieve a 256-bit strength if MBEDTLS_ENTROPY_FORCE_SHA256 is set.
 
 = mbed TLS 2.16.3 branch released 2019-09-06