From afbcf97c2051f7f77db58463df4734cc1dd9a866 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 27 Sep 2019 14:07:00 +0200
Subject: [PATCH] Parse HelloVerifyRequest buffer overread: add changelog entry

---
 ChangeLog | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index b296b814b..762f7615f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,8 @@ Security
      timings on the comparison in the key generation enabled the attacker to
      learn leading bits of the ephemeral key used during ECDSA signatures and to
      recover the private key. Reported by Jeremy Dubeuf.
+   * Fix a potentially remotely exploitable buffer overread in a
+     DTLS client when parsing the Hello Verify Request message.
 
 Bugfix
    * Remove redundant line for getting the bitlen of a bignum, since the variable