From 552e10752b42c8b7af33d4a3403f49e83b53d7c9 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 14 Dec 2022 17:01:51 +0000 Subject: [PATCH 1/2] ChangeLog fix Signed-off-by: Dave Rodgman --- ChangeLog | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index bdeb8f0a0..5de864154 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,12 +2,6 @@ Mbed TLS ChangeLog (Sorted per branch, date) = Mbed TLS 3.3.0 branch released 2022-12-14 -API changes - * Add an ad-hoc key derivation function handling EC J-PAKE to PMS - calculation that can be used to derive the session secret in TLS 1.2, - as described in draft-cragie-tls-ecjpake-01. This can be achieved by - using PSA_ALG_TLS12_ECJPAKE_TO_PMS as the key derivation algorithm. - Default behavior changes * Previously the macro MBEDTLS_SSL_DTLS_CONNECTION_ID implemented version 05 of the IETF draft, and was marked experimental and disabled by default. @@ -103,6 +97,10 @@ Features implementations of raw key agreement through the key_agreement driver entry point. This entry point is specified in the proposed PSA driver interface, but had not yet been implemented. + * Add an ad-hoc key derivation function handling EC J-PAKE to PMS + calculation that can be used to derive the session secret in TLS 1.2, + as described in draft-cragie-tls-ecjpake-01. This can be achieved by + using PSA_ALG_TLS12_ECJPAKE_TO_PMS as the key derivation algorithm. Security * Fix potential heap buffer overread and overwrite in DTLS if From e90ed7d249c521fca2345f8e0b26d425e07d2d5f Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Wed, 14 Dec 2022 17:04:00 +0000 Subject: [PATCH 2/2] Bump versions for libmbedcrypto and libmbedtls Signed-off-by: Dave Rodgman --- library/CMakeLists.txt | 4 ++-- library/Makefile | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index d846c496d..c9714bbfb 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt 
@@ -282,7 +282,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
 if(USE_SHARED_MBEDTLS_LIBRARY)
 set(CMAKE_LIBRARY_PATH ${CMAKE_CURRENT_BINARY_DIR})
 add_library(${mbedcrypto_target} SHARED ${src_crypto})
- set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.3.0 SOVERSION 12)
+ set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 3.3.0 SOVERSION 13)
 target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
 if(TARGET everest)
@@ -294,7 +294,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
 target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
 add_library(${mbedtls_target} SHARED ${src_tls})
- set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.3.0 SOVERSION 18)
+ set_target_properties(${mbedtls_target} PROPERTIES VERSION 3.3.0 SOVERSION 19)
 target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
 endif(USE_SHARED_MBEDTLS_LIBRARY)
diff --git a/library/Makefile b/library/Makefile
index 5073517ce..dd16d0615 100644
--- a/library/Makefile
+++ b/library/Makefile
@@ -47,9 +47,9 @@ LOCAL_CFLAGS += -fPIC -fpic
 endif
 endif
-SOEXT_TLS?=so.18
+SOEXT_TLS?=so.19
 SOEXT_X509?=so.4
-SOEXT_CRYPTO?=so.12
+SOEXT_CRYPTO?=so.13
 # Set AR_DASH= (empty string) to use an ar implementation that does not accept
 # the - prefix for command line options (e.g. llvm-ar)