Fix stack buffer overflow in ECDSA signature format conversions

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/ChangeLog.d/ecdsa-conversion-overflow.txt b/ChangeLog.d/ecdsa-conversion-overflow.txt
new file mode 100644
index 0000000..00cac06
--- /dev/null
+++ b/ChangeLog.d/ecdsa-conversion-overflow.txt
@@ -0,0 +1,4 @@
+Security
+   * Fix a stack buffer overflow in mbedtls_ecdsa_der_to_raw() and
+     mbedtls_ecdsa_raw_to_der() when curve_bits is larger than the
+     largest supported curve.