Update ChangeLog for fix to #836

2017-09-30 23:39:46 +01:00 · 2017-09-30 23:39:46 +01:00 · 2c4f9460ea
commit 2c4f9460ea
parent 1a9a51c7cf
1 changed files with 2 additions and 2 deletions
--- a/4
+++ b/4
@ -8,6 +8,8 @@ Features
 Bugfix
   * Fix ssl_parse_record_header() to silently discard invalid DTLS records
     as recommended in RFC 6347 Section 4.1.2.7.
+   * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
+     Found by projectgus and jethrogb, #836.

 = mbed TLS 2.6.0 branch released 2017-08-10

@ -198,8 +200,6 @@ Security
     team. #569 CVE-2017-2784

 Bugfix
-   * Fix memory leak in mbedtls_ssl_set_hostname() when called multiple times.
-     Found by jethrogb, #836.
   * Fix output certificate verification flags set by x509_crt_verify_top() when
     traversing a chain of trusted CA. The issue would cause both flags,
     MBEDTLS_X509_BADCERT_NOT_TRUSTED and MBEDTLS_X509_BADCERT_EXPIRED, to be