sig_algs: add ChangeLog

Signed-off-by: Janos Follath <janos.follath@arm.com>
2026-04-13 15:42:26 +02:00 · 2026-01-23 16:31:53 +00:00
parent 475ac34e1f
commit f68d402029
1 changed files with 5 additions and 0 deletions
--- a/ChangeLog.d/sig_algs_check.txt
+++ b/ChangeLog.d/sig_algs_check.txt
@@ -0,0 +1,5 @@
+Security
+   * Fix a bug in the TLS 1.2 client's signature algorithm check, which caused
+     the client to accept server key exchange messages signed with a signature
+     algorithm explicitly disallowed by the client. Found and reported by
+     EFR-GmbH and M. Heuft of Security-Research-Consulting GmbH. CVE-2026-25834