diff --git a/ChangeLog.d/cmake-subproject-fix.txt b/ChangeLog.d/cmake-subproject-fix.txt new file mode 100644 index 000000000..dffdd1406 --- /dev/null +++ b/ChangeLog.d/cmake-subproject-fix.txt @@ -0,0 +1,3 @@ +Features + * cmake now detects if it is being built as a sub-project, and in that case + disables the target export/installation and package configuration. diff --git a/ChangeLog.d/fix_keyid_and_ownerid_accessor_macros.txt b/ChangeLog.d/fix_keyid_and_ownerid_accessor_macros.txt new file mode 100644 index 000000000..5d52fd51b --- /dev/null +++ b/ChangeLog.d/fix_keyid_and_ownerid_accessor_macros.txt @@ -0,0 +1,4 @@ +Bugfix + * Fix MBEDTLS_SVC_KEY_ID_GET_KEY_ID() and MBEDTLS_SVC_KEY_ID_GET_OWNER_ID() + which have been broken, resulting in compilation errors, since Mbed TLS + 3.0. diff --git a/ChangeLog.d/fix_tls_12_ciphersuite_selection.txt b/ChangeLog.d/fix_tls_12_ciphersuite_selection.txt new file mode 100644 index 000000000..ad615bcfa --- /dev/null +++ b/ChangeLog.d/fix_tls_12_ciphersuite_selection.txt @@ -0,0 +1,5 @@ +Bugfix + * Ensure that TLS 1.2 ciphersuite/certificate and key selection takes into + account not just the type of the key (RSA vs EC) but also what it can + actually do. Resolves #5831. + diff --git a/ChangeLog.d/fix_windows_build_host_detection.txt b/ChangeLog.d/fix_windows_build_host_detection.txt new file mode 100644 index 000000000..d593eb834 --- /dev/null +++ b/ChangeLog.d/fix_windows_build_host_detection.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix CMake windows host detection, especially when cross compiling. + diff --git a/ChangeLog.d/keyidowner-psacrypto-compat.txt b/ChangeLog.d/keyidowner-psacrypto-compat.txt new file mode 100644 index 000000000..77ce9e3cb --- /dev/null +++ b/ChangeLog.d/keyidowner-psacrypto-compat.txt @@ -0,0 +1,2 @@ +Features + * Make USE_PSA_CRYPTO compatible with KEY_ID_ENCODES_OWNER. Fixes #5259. diff --git a/ChangeLog.d/make-generated-file-fix.txt b/ChangeLog.d/make-generated-file-fix.txt new file mode 100644 index 000000000..d0c143728 --- /dev/null +++ b/ChangeLog.d/make-generated-file-fix.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix an error in make where the absence of a generated file caused + make to break on a clean checkout. Fixes #5340. diff --git a/ChangeLog.d/msvc-compiler-bug.txt b/ChangeLog.d/msvc-compiler-bug.txt new file mode 100644 index 000000000..06062bc5d --- /dev/null +++ b/ChangeLog.d/msvc-compiler-bug.txt @@ -0,0 +1,3 @@ +Bugfix + * Work around an MSVC ARM64 compiler bug causing incorrect behaviour + in mbedtls_mpi_exp_mod(). Reported by Tautvydas Žilys in #5467. diff --git a/ChangeLog.d/new-examples.txt b/ChangeLog.d/new-examples.txt new file mode 100644 index 000000000..71ec8330c --- /dev/null +++ b/ChangeLog.d/new-examples.txt @@ -0,0 +1,5 @@ +Features + * Add example programs cipher_aead_demo.c, md_hmac_demo.c, aead_demo.c + and hmac_demo.c, which use PSA and the md/cipher interfaces side + by side in order to illustrate how the operation is performed in PSA. + Addresses #5208. diff --git a/ChangeLog.d/remove_prompt_to_exit.txt b/ChangeLog.d/remove_prompt_to_exit.txt new file mode 100644 index 000000000..4cd40c3dc --- /dev/null +++ b/ChangeLog.d/remove_prompt_to_exit.txt @@ -0,0 +1,4 @@ +Bugfix + * Removed the prompt to exit from all windows build programs that was causing + issues in CI/CD environments. + diff --git a/ChangeLog.d/tls13-sig-alg-deprecations.txt b/ChangeLog.d/tls13-sig-alg-deprecations.txt new file mode 100644 index 000000000..b56fa172a --- /dev/null +++ b/ChangeLog.d/tls13-sig-alg-deprecations.txt @@ -0,0 +1,5 @@ +New deprecations + * Deprecate mbedtls_ssl_conf_sig_hashes() in favor of the more generic + mbedtls_ssl_conf_sig_algs(). Signature algorithms for the TLS 1.2 and + TLS 1.3 handshake should now be configured with + mbedtls_ssl_conf_sig_algs().