From 16674559929f6b37aee738953151b2b67eeeade9 Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Wed, 22 Jan 2025 11:18:14 +0000
Subject: [PATCH] Add ChangeLog entry for PKCS#7 side channel fix

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 ChangeLog.d/pkcs7-padding-side-channel-fix.txt | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 ChangeLog.d/pkcs7-padding-side-channel-fix.txt

diff --git a/ChangeLog.d/pkcs7-padding-side-channel-fix.txt b/ChangeLog.d/pkcs7-padding-side-channel-fix.txt
new file mode 100644
index 0000000000..f34c095056
--- /dev/null
+++ b/ChangeLog.d/pkcs7-padding-side-channel-fix.txt
@@ -0,0 +1,4 @@
+Security
+   * Fix a timing side channel in the implementation of PKCS#7 padding
+     which would allow an attacker who can request decryption of arbitrary
+     ciphertexts to recover the last byte of each block of the plaintext.