Fix uninitialised pointer dereference

ChangeLog

diff --git a/ChangeLog b/ChangeLog
index d3b7124..9821551 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,11 @@
 
 = PolarSSL 1.3.z branch
 
+Security
+   * Fix remotely-triggerable uninitialised pointer dereference caused by
+     crafted X.509 certificate (server is not affected if it doesn't ask for a
+     client certificate) (found using Codenomicon Defensics).
+
 Features
    * Add function pk_check_pair() to test if public and private keys match.