diff --git a/ChangeLog b/ChangeLog index 6a1be9892..f77278b0d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,14 @@ mbed TLS ChangeLog (Sorted per branch, date) = mbed TLS 1.3.22 branch released 2017-xx-xx +Security + * Fix heap corruption in implementation of truncated HMAC extension. + When the truncated HMAC extension is enabled and CBC is used, + sending a malicious application packet can be used to selectively + corrupt 6 bytes on the peer's heap, potentially leading to crash or + remote code execution. This can be triggered remotely from either + side. + Bugfix * Fix memory leak in ssl_set_hostname() when called multiple times. Found by projectgus and jethrogb, #836.