diff --git a/ChangeLog.d/ecdsa-conversion-overflow.txt b/ChangeLog.d/ecdsa-conversion-overflow.txt index 00cac06513..83b7f2f88b 100644 --- a/ChangeLog.d/ecdsa-conversion-overflow.txt +++ b/ChangeLog.d/ecdsa-conversion-overflow.txt @@ -1,4 +1,6 @@ Security * Fix a stack buffer overflow in mbedtls_ecdsa_der_to_raw() and - mbedtls_ecdsa_raw_to_der() when curve_bits is larger than the - largest supported curve. + mbedtls_ecdsa_raw_to_der() when the bits parameter is larger than the + largest supported curve. In some configurations with PSA disabled, + all values of bits are affected. This never happens in internal library + calls, but can affect applications that call these functions directly.
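Review bot: The added sentence "In some configurations with PSA disabled, all values of bits are affected" does not say which configurations, so an application maintainer cannot tell from this entry whether their build is in the "all values" case. Please name the build option or condition that triggers it. The next sentence, "This never happens in internal library calls", has an unclear antecedent. Coming right after "all values of bits are affected", it could refer to the oversized bits value or to the overflow itself, and it leaves open whether internal calls are safe in the PSA-disabled configurations too. Stating the subject explicitly (what the library's own callers pass, and in which configurations) would remove the ambiguity.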