From 24f4d7f95e96585e0d9f5b1aaedc137937e9345b Mon Sep 17 00:00:00 2001
From: Janos Follath <janos.follath@arm.com>
Date: Fri, 19 Feb 2016 15:58:21 +0000
Subject: [PATCH] X509: Fix bug triggered by future CA among trusted

Fix an issue that caused valid certificates being rejected whenever an
expired or not yet valid version of the trusted certificate was before the
valid version in the trusted certificate list.
---
 ChangeLog | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 675f18330..5b98a1b40 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -40,6 +40,11 @@ Changes
      accepting certificates with non-standard time format (that is without
      seconds or with a time zone). Patch provided by OpenVPN.
 
+Bugfix
+   * Fix an issue that caused valid certificates being rejected whenever an
+   expired or not yet valid version of the trusted certificate was before the
+   valid version in the trusted certificate list.
+
 = mbed TLS 1.3.17 branch 2016-06-28
 
 Security