Simplify the change log Signed-off-by: Ronald Cron <ronald.cron@arm.com>

commit: 5dc7999946f302afd392fc15e999b8313e72d2e9 [log] [tgz]
author: Ronald Cron <ronald.cron@arm.com> Thu Nov 17 14:51:52 2022 +0100
committer: Ronald Cron <ronald.cron@arm.com> Thu Nov 17 14:51:52 2022 +0100
tree: a30df982b0e72924878179b7e7c602a8ea99f8f8
parent: 9a1396bfcc2bc2c43aa94f2fdffcfb4341c229b7 [diff]
diff --git a/ChangeLog.d/fix-in-cid-buffer-size.txt b/ChangeLog.d/fix-in-cid-buffer-size.txt
index c8ede1f..8a6c850 100644
--- a/ChangeLog.d/fix-in-cid-buffer-size.txt
+++ b/ChangeLog.d/fix-in-cid-buffer-size.txt

@@ -1,15 +1,4 @@
-Bugfix
-    * Fix potential buffer overflow in DTLS with MBEDTLS_SSL_DTLS_CONNECTION_ID
-      enabled leading to context corruption.
-
 Security
-    * Fix potential memory probe through non-constant time memcmp() in DTLS
-      with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled. The memory probe is possible
-      only under very specific and unlikely conditions:
-      2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
-      MBEDTLS_SSL_CONTEXT_SERIALIZATION is disabled,
-      MBEDTLS_SERVER_HELLO_RANDOM_LEN + MBEDTLS_CLIENT_HELLO_RANDOM_LEN +
-      2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
-      MBEDTLS_SSL_CONTEXT_SERIALIZATION is enabled. Those conditions are not
-      met with the default values of MBEDTLS_SSL_CID_IN_LEN_MAX and
-      MBEDTLS_SSL_CID_OUT_LEN_MAX where the two maximum lengths are equal.
+    * Fix potential heap buffer overread and overwrite in DTLS if
+      MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
+      MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
commit	5dc7999946f302afd392fc15e999b8313e72d2e9	[log] [tgz]
author	Ronald Cron <ronald.cron@arm.com>	Thu Nov 17 14:51:52 2022 +0100
committer	Ronald Cron <ronald.cron@arm.com>	Thu Nov 17 14:51:52 2022 +0100
tree	a30df982b0e72924878179b7e7c602a8ea99f8f8
parent	9a1396bfcc2bc2c43aa94f2fdffcfb4341c229b7 [diff]