Minor Changelog updates & fixes

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

ChangeLog

@@ -1,6 +1,6 @@
 mbed TLS ChangeLog (Sorted per branch, date)
 
-= mbed TLS x.x.x branch released xxxx-xx-xx
+= mbed TLS 2.28.0 branch released 2021-12-17
 
 API changes
    * Some fields of mbedtls_ssl_session and mbedtls_ssl_config are in a
@@ -33,7 +33,7 @@ Features
      extended to other modules in the future.
    * Add missing PSA macros declared by PSA Crypto API 1.0.0:
      PSA_ALG_IS_SIGN_HASH, PSA_ALG_NONE, PSA_HASH_BLOCK_LENGTH, PSA_KEY_ID_NULL.
-    * Add new API mbedtls_ct_memcmp for constant time buffer comparison.
+   * Add new API mbedtls_ct_memcmp for constant time buffer comparison.
    * Add PSA API definition for ARIA.
 
 Security
@@ -46,6 +46,11 @@ Security
      from the output buffer. This fixes a potential policy bypass or decryption
      oracle vulnerability if the output buffer is in memory that is shared with
      an untrusted application.
+   * Fix a double-free that happened after mbedtls_ssl_set_session() or
+     mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
+     (out of memory). After that, calling mbedtls_ssl_session_free()
+     and mbedtls_ssl_free() would cause an internal session buffer to
+     be free()'d twice.
 
 Bugfix
    * Stop using reserved identifiers as local variables. Fixes #4630.
@@ -86,8 +91,8 @@ Bugfix
      these two.
    * Fix issue in Makefile on Linux with SHARED=1, that caused shared libraries
      not to list other shared libraries they need.
-   * Fix a bug in mbedtls_gcm_starts() when bits of iv are longer than 2^32.
-   * Fix #4884.
+   * Fix a bug in mbedtls_gcm_starts() when the bit length of the iv
+     exceeds 2^32. Fixes #4884.
    * Fix an uninitialized variable warning in test_suite_ssl.function with GCC
      version 11.
    * Fix the build when no SHA2 module is included. Fixes #4930.
@@ -96,11 +101,6 @@ Bugfix
      pkcs12 functions when the password is empty. Fix the documentation to
      better describe the inputs to these functions and their possible values.
      Fixes #5136.
-   * Fix a double-free that happened after mbedtls_ssl_set_session() or
-     mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
-     (out of memory). After that, calling mbedtls_ssl_session_free()
-     and mbedtls_ssl_free() would cause an internal session buffer to
-     be free()'d twice.
    * The key usage flags PSA_KEY_USAGE_SIGN_MESSAGE now allows the MAC
      operations psa_mac_compute() and psa_mac_sign_setup().
    * The key usage flags PSA_KEY_USAGE_VERIFY_MESSAGE now allows the MAC
@@ -114,12 +114,12 @@ Changes
      than the previous constant-flow implementation. Fixes #4814.
    * Indicate in the error returned if the nonce length used with
      ChaCha20-Poly1305 is invalid, and not just unsupported.
-    * The mbedcrypto library includes a new source code module constant_time.c,
-      containing various functions meant to resist timing side channel attacks.
-      This module does not have a separate configuration option, and functions
-      from this module will be included in the build as required. Currently
-      most of the interface of this module is private and may change at any
-      time.
+   * The mbedcrypto library includes a new source code module constant_time.c,
+     containing various functions meant to resist timing side channel attacks.
+     This module does not have a separate configuration option, and functions
+     from this module will be included in the build as required. Currently
+     most of the interface of this module is private and may change at any
+     time.
 
 = mbed TLS 2.27.0 branch released 2021-07-07