From 130bfe7799a344256505216ee232291471a3672c Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Wed, 6 Mar 2024 10:36:07 +0100
Subject: [PATCH] Add change log

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 ChangeLog.d/tls13-only-server-infinite-loop.txt | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 ChangeLog.d/tls13-only-server-infinite-loop.txt

diff --git a/ChangeLog.d/tls13-only-server-infinite-loop.txt b/ChangeLog.d/tls13-only-server-infinite-loop.txt
new file mode 100644
index 0000000000..4e54b2be15
--- /dev/null
+++ b/ChangeLog.d/tls13-only-server-infinite-loop.txt
@@ -0,0 +1,6 @@
+Security
+   * Fixed a critical denial of service in TLS 1.3 only server (TLS 1.2 support
+     disabled at build time): a TLS client could put the TLS 1.3 only server in
+     a infinite loop processing a TLS 1.2 ClientHello. The default
+     configuration is not affected. Reported by Matthias Mucha and Thomas
+     Blattmann, SICK AG.