diff --git a/ChangeLog b/ChangeLog
index e5ba2139b..6fdabbae6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,9 @@ Security
      side in both TLS and DTLS.
 
 Bugfix
+   * Fix wrong implementation of truncated HMAC extension leading to
+     compatibility problems with peers not running Mbed TLS. Found by
+     Andreas Walz.
    * Fix ssl_parse_record_header() to silently discard invalid DTLS records
      as recommended in RFC 6347 Section 4.1.2.7.
    * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.