diff --git a/ChangeLog b/ChangeLog index 58ff14734..c7154ba3a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -33,6 +33,9 @@ Bugfix for the parameter. * Add a check for MBEDTLS_X509_CRL_PARSE_C in ssl_server2, guarding the crl sni entry parameter. Reported by inestlerode in #560. + * Avoid use of statically sized stack buffers for certificate writing. + This previously limited the maximum size of DER encoded certificates + in mbedtls_x509write_crt_der() to 2Kb. Reported by soccerGB in #2631. Changes * Server's RSA certificate in certs.c was SHA-1 signed. In the default