Add detail to ChangeLog for SLOTH fix

This commit is contained in:
Simon Butcher 2017-02-05 16:48:47 +00:00
parent ae23a21d4f
commit c709dfab97

View file

@ -5,6 +5,7 @@ mbed TLS ChangeLog (Sorted per branch, date)
Security
* Removed MD5 from the allowed hash algorithms for CertificateRequest and
CertificateVerify messages, to prevent SLOTH attacks against TLS 1.2.
Introduced by interoperability fix for #513.
Bugfix
* Fixed potential arithmetic overflow in mbedtls_ctr_drbg_reseed() that could