Update change log

commit: b435e9969378c1824f97f324dddd466e2bf67df8 [log] [tgz]
author: k-stachowiak <krzysiek.stachowiak@gmail.com> Mon Jul 16 12:14:18 2018 +0200
committer: k-stachowiak <krzysiek.stachowiak@gmail.com> Mon Jul 16 12:27:34 2018 +0200
tree: 257e0efb7dda26ea9a5b164bb58a71c60ba1123d
parent: 2d2d80b9168611d11b54de7ce5945141bbece5d5 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 24d2050..0ab0e44 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -2,6 +2,12 @@
 
 = mbed TLS x.x.x branch released xxxx-xx-xx
 
+Security
+   * Fix an issue in the X.509 module which could lead to a buffer overread
+     during certificate extensions parsing. In case of receiving malformed
+     input (extensions length field equal to 0), an illegal read of one byte
+     beyond the input buffer is made. Found and analyzed by Nathan Crandall.
+
 Bugfix
    * Fix a memory leak in mbedtls_x509_csr_parse(), found by catenacyber,
      Philippe Antoine. Fixes #1623.
commit	b435e9969378c1824f97f324dddd466e2bf67df8	[log] [tgz]
author	k-stachowiak <krzysiek.stachowiak@gmail.com>	Mon Jul 16 12:14:18 2018 +0200
committer	k-stachowiak <krzysiek.stachowiak@gmail.com>	Mon Jul 16 12:27:34 2018 +0200
tree	257e0efb7dda26ea9a5b164bb58a71c60ba1123d
parent	2d2d80b9168611d11b54de7ce5945141bbece5d5 [diff] [blame]