In TLS 1.2, only servers are affected
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/ChangeLog.d/xxx_psa_peerkey.txt b/ChangeLog.d/xxx_psa_peerkey.txt
index 1ba1510..d25e4ec 100644
--- a/ChangeLog.d/xxx_psa_peerkey.txt
+++ b/ChangeLog.d/xxx_psa_peerkey.txt
@@ -1,6 +1,8 @@
Security
* Fix a remotely exploitable heap buffer overflow in TLS handshake parsing.
- In TLS 1.3, all configurations are affected except PSK-only ones.
+ In TLS 1.3, all configurations are affected except PSK-only ones, and
+ both clients and servers are affected.
In TLS 1.2, the affected configurations are those with
- MBEDTLS_USE_PSA_CRYPTO and ECDH enabled but DHM and RSA disabled.
+ MBEDTLS_USE_PSA_CRYPTO and ECDH enabled but DHM and RSA disabled,
+ and only servers are affected, not clients.
Credit to OSS-Fuzz.
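Review bot: The added TLS 1.3 wording ("and both clients and servers are affected") is not covered by the commit subject, which mentions only the TLS 1.2 server-only clarification; the message should name both clarifications so that the log matches what the entry now says. In the TLS 1.2 sentence, "and only servers are affected, not clients" says the same thing twice, and "and only servers are affected" would be enough. The file name still carries the xxx_ placeholder prefix (ChangeLog.d/xxx_psa_peerkey.txt) and should be given its final name before the entry is merged into the release ChangeLog.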