From 4d7082288fe7a63134784cc71c5aa0eb65d9ce37 Mon Sep 17 00:00:00 2001
From: ILUXONCHIK <iluxon4ik@hotmail.com>
Date: Tue, 27 Mar 2018 16:31:42 +0100
Subject: [PATCH] add entry to ChangeLog

---
 ChangeLog | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index b39b95391..b6fa8079d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,13 @@ Bugfix
      previously lead to a stack overflow on constrained targets.
    * Add `MBEDTLS_SELF_TEST` for the mbedtls_self_test functions
      in the header files, which missed the precompilation check. #971
+   * Server's RSA certificate in certs.c was SHA-1 signed. In the default
+     mbedTLS configuration only SHA-2 signed certificates are accepted.
+     This certificate is used in the demo server programs, which lead the
+     client programs to fail at the peer's certificate verification
+     due to an unacceptable hash signature. The certificate has been
+     updated to one that is SHA-256 signed. Fix contributed by
+     Illya Gerasymchuk.
 
 = mbed TLS 2.16.0 branch released 2018-12-21