diff --git a/ChangeLog.d/fix-null-pointer-dereference.txt b/ChangeLog.d/fix-null-pointer-dereference.txt
new file mode 100644
index 0000000000..1eb3c416a8
--- /dev/null
+++ b/ChangeLog.d/fix-null-pointer-dereference.txt
@@ -0,0 +1,4 @@
+Security
+   * Fix a NULL pointer dereference in mbedtls_x509_string_to_names() when
+     mbedtls_calloc() fails to allocate memory. This was caused by failing to
+     check whether mbedtls_calloc() returned NULL.