From 5dc7999946f302afd392fc15e999b8313e72d2e9 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 17 Nov 2022 14:51:52 +0100
Subject: [PATCH] Simplify the change log

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 ChangeLog.d/fix-in-cid-buffer-size.txt | 17 +++--------------
 1 file changed, 3 insertions(+), 14 deletions(-)

diff --git a/ChangeLog.d/fix-in-cid-buffer-size.txt b/ChangeLog.d/fix-in-cid-buffer-size.txt
index c8ede1f1c..8a6c85023 100644
--- a/ChangeLog.d/fix-in-cid-buffer-size.txt
+++ b/ChangeLog.d/fix-in-cid-buffer-size.txt
@@ -1,15 +1,4 @@
-Bugfix
-    * Fix potential buffer overflow in DTLS with MBEDTLS_SSL_DTLS_CONNECTION_ID
-      enabled leading to context corruption.
-
 Security
-    * Fix potential memory probe through non-constant time memcmp() in DTLS
-      with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled. The memory probe is possible
-      only under very specific and unlikely conditions:
-      2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
-      MBEDTLS_SSL_CONTEXT_SERIALIZATION is disabled,
-      MBEDTLS_SERVER_HELLO_RANDOM_LEN + MBEDTLS_CLIENT_HELLO_RANDOM_LEN +
-      2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
-      MBEDTLS_SSL_CONTEXT_SERIALIZATION is enabled. Those conditions are not
-      met with the default values of MBEDTLS_SSL_CID_IN_LEN_MAX and
-      MBEDTLS_SSL_CID_OUT_LEN_MAX where the two maximum lengths are equal.
+    * Fix potential heap buffer overread and overwrite in DTLS if
+      MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
+      MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.