Add ChangeLog entry for the security issue
diff --git a/ChangeLog b/ChangeLog
index d44c0f7..dd8d344 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -25,6 +25,14 @@
to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin,
KNOX Security, Samsung Research America
+Security
+ * Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,
+ mbedtls_ssl_get_verify_result() would incorrectly return 0 when the peer's
+ X.509 certificate chain had more than MBEDTLS_X509_MAX_INTERMEDIATE_CA
+ (default: 8) intermediates, even when it was not trusted. Could be
+ trigerred remotely on both sides. (With auth_mode set to required
+ (default), the handshake was correctly aborted.)
+
Changes
* Certificate verification functions now set flags to -1 in case the full
chain was not verified due to an internal error (including in the verify
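Review bot: the new Security entry misspells "triggered" as "trigerred" on the line "+ trigerred remotely on both sides. (With auth_mode set to required"; please fix the spelling before this lands in a released ChangeLog. A second point on the same entry: it describes the bypass condition (auth_mode optional, more than MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates, mbedtls_ssl_get_verify_result() returning 0) but not the fixed behaviour a reader should expect after the patch, nor a cross-reference to the "Changes" entry directly below about verification functions setting flags to -1, which appears to be the related code change; a short "now ... returns a non-zero flags value" sentence or a pointer to that entry would make the advisory self-contained.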