Up min size of DHM params to 1024 bits on client

commit: 9ea1b23cc47d6be317f951909ec87f9ac9f9bacc [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Jun 29 15:27:52 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Jun 29 18:52:57 2015 +0200
tree: 2c5dc0552d9a7189cfe0dff5e3ac6c0640ca8f22
parent: 6c3ccf5fd030e4c48c103e9175a13752bc64cb01 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index a206690..69bd936 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -2,9 +2,17 @@
 
 = mbed TLS 1.3.12 released 2015-07-??
 
+Security
+   * Increase the minimum size of Diffie-Hellman parameters accepted by the
+     client to 1024 bits, to protect against Logjam attack.
+
 Bugfix
    * Fix thread-safety issue in SSL debug module (found by Edwin van Vliet).
 
+Changes
+   * Add SSL_MIN_DHM_BYTES configuration parameter in config.h to choose the
+     minimum size of Diffie-Hellman parameters accepted by the client.
+
 = mbed TLS 1.3.11 released 2015-06-04
 
 Security
commit	9ea1b23cc47d6be317f951909ec87f9ac9f9bacc	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Mon Jun 29 15:27:52 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Mon Jun 29 18:52:57 2015 +0200
tree	2c5dc0552d9a7189cfe0dff5e3ac6c0640ca8f22
parent	6c3ccf5fd030e4c48c103e9175a13752bc64cb01 [diff] [blame]