From 968a92865966b35334655e65547da5f288722769 Mon Sep 17 00:00:00 2001
From: Paul Elliott <paul.elliott@arm.com>
Date: Tue, 16 Jan 2024 11:16:56 +0000
Subject: [PATCH] Add Changelog for #8687

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
---
 ChangeLog.d/fix_int_overflow_x509_extension | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 ChangeLog.d/fix_int_overflow_x509_extension

diff --git a/ChangeLog.d/fix_int_overflow_x509_extension b/ChangeLog.d/fix_int_overflow_x509_extension
new file mode 100644
index 0000000000..2a679284f8
--- /dev/null
+++ b/ChangeLog.d/fix_int_overflow_x509_extension
@@ -0,0 +1,8 @@
+Security
+   * Fix a failure to validate input when writing x509 extensions lengths which
+     could result in an integer overflow, causing a zero-length buffer to be
+     allocated to hold the extension. The extension would then be copied into
+     the buffer, causing a heap buffer overflow.
+
+
+