Update reference to attack in ChangeLog We couldn't do that before the attack was public

commit: f92c86e44d5c33ad2a895cf7f0b989737a60d252 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu Jan 07 13:18:01 2016 +0100
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Thu Jan 07 13:18:01 2016 +0100
tree: 669f05e7b9fdefcc241ec8d0b57ed72859265892
parent: bfafadb45daf8d2114e3109e2f9021fc72ee36bb [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index e21187f..5dcb5a2 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -6,7 +6,10 @@
    * Fix potential double free when mbedtls_asn1_store_named_data() fails to
      allocate memory. Only used for certificate generation, not triggerable
      remotely in SSL/TLS. Found by Rafał Przywara. #367
-   * Disable MD5 handshake signatures in TLS 1.2 by default
+   * Disable MD5 handshake signatures in TLS 1.2 by default to prevent the
+     SLOTH attack on TLS 1.2 server authentication (other attacks from the
+     SLOTH paper do not apply to any version of mbed TLS or PolarSSL).
+     https://www.mitls.org/pages/attacks/SLOTH
 
 Bugfix
    * Fix over-restrictive length limit in GCM. Found by Andreas-N. #362
commit	f92c86e44d5c33ad2a895cf7f0b989737a60d252	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Thu Jan 07 13:18:01 2016 +0100
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Thu Jan 07 13:18:01 2016 +0100
tree	669f05e7b9fdefcc241ec8d0b57ed72859265892
parent	bfafadb45daf8d2114e3109e2f9021fc72ee36bb [diff] [blame]