From 4ecd34f86c9c829b2b48f71b9536955875509428 Mon Sep 17 00:00:00 2001
From: Hanno Becker <hanno.becker@arm.com>
Date: Wed, 17 Jan 2018 17:45:31 +0000
Subject: [PATCH] Adapt ChangeLog

---
 ChangeLog | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index ed7818e30..d853b226c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,11 @@ Features
      heavily-loaded machine.
 
 Bugfix
+   * Properly initialize and free SHA-256 / SHA-512 context in entropy module
+     instead of performing zeroization only. This could lead to failure for
+     alternative implementations of SHA-256 / SHA-512 for which zeroization
+     of contexts is not a proper way of initialization.
+     Found and fix suggested by ccli8.
    * Fix ssl_parse_record_header() to silently discard invalid DTLS records
      as recommended in RFC 6347 Section 4.1.2.7.
    * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.