From 825c3db149abc89de130c73f7266f59b844fd926 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 25 Oct 2017 16:10:07 +0100 Subject: [PATCH] Adapt ChangeLog --- ChangeLog | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/ChangeLog b/ChangeLog index a3171d7eb4..360a72db8c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,16 @@ mbed TLS ChangeLog (Sorted per branch, date) += mbed TLS 1.3.22 branch released xxxx-xx-xx + +Security + * Make mpi_read_binary constant-time with respect to + the input data. Previously, trailing zero bytes were detected + and omitted for the sake of saving memory, but potentially + leading to slight timing differences. + Reported by Marco Macchetti, Kudelski Group. + * Wipe stack buffer temporarily holding EC private exponent + after keypair generation. + = mbed TLS 1.3.21 branch released 2017-08-10 Security
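Review bot: The second Security entry ("Wipe stack buffer temporarily holding EC private exponent after keypair generation") does not name the affected function, whereas the first entry names mpi_read_binary. Naming the keypair-generation function would let users of the 1.3.x branch tell whether their code path is affected. In the first entry, the clause "but potentially leading to slight timing differences" does not parse against "were detected and omitted"; wording such as "which could lead to slight timing differences" reads cleanly. The first entry would also benefit from saying which kind of input is sensitive here (for example secret key material passed to mpi_read_binary), since it states the timing difference but not what an observer could learn from it.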