From ddbf8d030a32c5b59afc9975bca180fd9ce28d8e Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Wed, 14 May 2025 15:45:00 +0100
Subject: [PATCH] Add credit to the reporters of the PKCS7 issue

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 ChangeLog.d/pkcs7-padding-side-channel-fix.txt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ChangeLog.d/pkcs7-padding-side-channel-fix.txt b/ChangeLog.d/pkcs7-padding-side-channel-fix.txt
index b813b84ce..c5cbc7535 100644
--- a/ChangeLog.d/pkcs7-padding-side-channel-fix.txt
+++ b/ChangeLog.d/pkcs7-padding-side-channel-fix.txt
@@ -2,3 +2,5 @@ Security
    * Fix a timing side channel in the implementation of PKCS#7 padding
      which would allow an attacker who can request decryption of arbitrary
      ciphertexts to recover the plaintext through a timing oracle attack.
+     Reported by Ka Lok Wu from Stony Brook University and Doria Tang from
+     The Chinese University of Hong Kong.