fix XER decoder crash on maliciously constructed ENUMERATED input
diff --git a/ChangeLog b/ChangeLog
index 4db1c27..0169649 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,10 +1,15 @@
0.9.??:
+ FEATURES:
* Added OER support.
* Added LTE RRC example (Bi-Ruei, Chiu).
* Added IEEE 1609.2 example.
* Added SAE J2735 example.
+
+ NOTABLE:
* converter-sample.c renamed into converter-example.c
+
+ FIXES:
* CVE-2017-12966 verified not present.
* Fix incomplete (failed) CHOICE XER decoding memory leak.
(Severity: medium; Security impact: medium)
@@ -12,6 +17,8 @@
(Severity: low; Security impact: medium)
* Fix UPER string decoding constrained only by lower bound > 0
(Severity: low; Security impact: none)
+ * Fix XER decoder crash on maliciously constructed ENUMERATED input.
+ (Severity: medium; Security impact: medium)
0.9.28: 2017-03-26
* PER decoding: avoid memory leak on error. By github.com/simo5