From 08f06eb0499da2a9fb2b14f316dfbec5fd052e1b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
 <manuel.pegourie-gonnard@arm.com>
Date: Wed, 19 Feb 2020 09:31:38 +0100
Subject: [PATCH] Add ChangeLog entries for pk_parse_key() fixes

---
 ChangeLog | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 4fe9c94bb..28467be66 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,11 @@ Security
 
 Bugfix
    * Fix an unchecked call to mbedtls_md() in the x509write module.
+   * Fix a bug in mbedtls_pk_parse_key() that would cause it to accept some
+     RSA keys that would later be rejected by functions expecting private
+     keys. Found by Catena cyber using oss-fuzz (issue 20467).
+   * Fix a bug in mbedtls_pk_parse_key() that would cause it to accept some
+     RSA keys with invalid values by silently fixing those values.
 
 = mbed TLS 2.7.13 branch released 2020-01-15