From a9c58584be88dff08332b51fb08c3895bd58f072 Mon Sep 17 00:00:00 2001
From: Tom Cosgrove <tom.cosgrove@arm.com>
Date: Wed, 22 Mar 2023 16:25:43 +0000
Subject: [PATCH] Add security entry to ChangeLog for AES-CE

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
---
 ChangeLog.d/aes-ce-security-notice.txt | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 ChangeLog.d/aes-ce-security-notice.txt

diff --git a/ChangeLog.d/aes-ce-security-notice.txt b/ChangeLog.d/aes-ce-security-notice.txt
new file mode 100644
index 000000000..27f8f80d8
--- /dev/null
+++ b/ChangeLog.d/aes-ce-security-notice.txt
@@ -0,0 +1,5 @@
+Security
+   * Add support for AES with the Armv8-A Cryptographic Extension on 64-bit
+     Arm, so that these systems are no longer vulnerable to timing side-channel
+     attacks. This is configured by MBEDTLS_AESCE_C, which is on by default.
+     Reported by Demi Marie Obenour.