From d2cb074a3a13459767470b5b197e904c454332b6 Mon Sep 17 00:00:00 2001
From: Elena Uziunaite <elena.uziunaite@arm.com>
Date: Thu, 22 Aug 2024 09:23:48 +0100
Subject: [PATCH] Tiny fix in ChangeLog pt 2

Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
---
 ChangeLog.d/fix_reporting_of_key_usage_issues.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ChangeLog.d/fix_reporting_of_key_usage_issues.txt b/ChangeLog.d/fix_reporting_of_key_usage_issues.txt
index 08a0ab270..b81fb426a 100644
--- a/ChangeLog.d/fix_reporting_of_key_usage_issues.txt
+++ b/ChangeLog.d/fix_reporting_of_key_usage_issues.txt
@@ -3,7 +3,7 @@ Security
      client, if the client-provided certificate does not have appropriate values
      in keyUsage or extKeyUsage extensions, then the return value of
      mbedtls_ssl_get_verify_result() would incorrectly have the
-     MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits
+     MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_EXT_KEY_USAGE bits
      clear. As a result, an attacker that had a certificate valid for uses other
      than TLS client authentication could be able to use it for TLS client
      authentication anyway. Only TLS 1.3 servers were affected, and only with