From aa947f1cef0fd44f4ad617deb8c9461b144300a7 Mon Sep 17 00:00:00 2001
From: Ron Eldor <Ron.Eldor@arm.com>
Date: Wed, 15 May 2019 12:28:21 +0300
Subject: [PATCH] Fix ChangeLog entry location

Move the ChangeLog entries to correct section, as it was in an
already released section, due to rebase error.
---
 ChangeLog | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index f01b870ca..3aa84e73c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,9 @@ Features
      Contributed by Jack Lloyd and Fortanix Inc.
    * Add the Wi-SUN Field Area Network (FAN) device extended key usage.
    * Add the oid certificate policy x509 extension.
+   * Extend the  MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
+     and the used tls-prf.
+   * Add public API for tls-prf function, according to requested enum.
 
 Bugfix
    * Fix private key DER output in the key_app_writer example. File contents
@@ -34,6 +37,11 @@ Bugfix
    * Add a check for MBEDTLS_X509_CRL_PARSE_C in ssl_server2, guarding the crl
      sni entry parameter. Reported by inestlerode in #560.
 
+API Changes
+   * Extend the  MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
+     and the used tls-prf.
+   * Add public API for tls-prf function, according to requested enum.
+
 Changes
    * Server's RSA certificate in certs.c was SHA-1 signed. In the default
      mbedTLS configuration only SHA-2 signed certificates are accepted.
@@ -61,9 +69,6 @@ Features
    * Add MBEDTLS_REMOVE_3DES_CIPHERSUITES to allow removing 3DES ciphersuites
      from the default list (enabled by default). See
      https://sweet32.info/SWEET32_CCS16.pdf.
-   * Extend the  MBEDTLS_SSL_EXPORT_KEYS to export the handshake randbytes,
-     and the used tls-prf.
-   * Add public API for tls-prf function, according to requested enum.
 
 API Changes
    * Add a new X.509 API call `mbedtls_x509_parse_der_nocopy()`.