From 255c492dab881e0f8390ecb5f1eb948def15c1e9 Mon Sep 17 00:00:00 2001 From: Minos Galanakis Date: Sun, 8 Jun 2025 23:10:58 +0100 Subject: [PATCH] Added CVE's to ChangeLogs Signed-off-by: Minos Galanakis --- ChangeLog.d/1351_lms_overread.txt | 1 + ChangeLog.d/1353_lms_check_return_of_merkle_leaf.txt | 1 + 2 files changed, 2 insertions(+) diff --git a/ChangeLog.d/1351_lms_overread.txt b/ChangeLog.d/1351_lms_overread.txt index 43249f70a5..c6ad77227c 100644 --- a/ChangeLog.d/1351_lms_overread.txt +++ b/ChangeLog.d/1351_lms_overread.txt @@ -1,3 +1,4 @@ Security * Fix a buffer overread in mbedtls_lms_import_public_key() when the input is less than 3 bytes. Reported by Linh Le and Ngan Nguyen from Calif. + CVE-2025-49601 diff --git a/ChangeLog.d/1353_lms_check_return_of_merkle_leaf.txt b/ChangeLog.d/1353_lms_check_return_of_merkle_leaf.txt index 9feca99ba7..4d8bd8a1c3 100644 --- a/ChangeLog.d/1353_lms_check_return_of_merkle_leaf.txt +++ b/ChangeLog.d/1353_lms_check_return_of_merkle_leaf.txt @@ -2,3 +2,4 @@ Security * Fix a vulnerability in LMS verification through which an adversary could get an invalid signature accepted if they could cause a hash accelerator to fail. Found and reported by Linh Le and Ngan Nguyen from Calif. + CVE-2025-49600
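Review bot: In ChangeLog.d/1351_lms_overread.txt the added CVE-2025-49601 line sits after the "Reported by Linh Le and Ngan Nguyen from Calif." credit as a bare identifier, so in the assembled ChangeLog it reads as part of the attribution rather than of the fix. Consider tying it to the description of the overread in mbedtls_lms_import_public_key(), or confirm that a trailing identifier is the form the project's other Security entries use, so this file and 1353_lms_check_return_of_merkle_leaf.txt stay consistent with them.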
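Review bot: The CVE IDs run opposite to the fragment numbering. 1351_lms_overread.txt receives CVE-2025-49601, while the hunk for 1353_lms_check_return_of_merkle_leaf.txt adds CVE-2025-49600. That may be exactly how the IDs were assigned, but the commit message is only a subject line and does not state which ID belongs to which fix. Please confirm each ID against its CVE record and state the pairing in the commit body, since a transposed ID in a Security entry would send readers to the wrong advisory.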