doc/CHANGELOG.md: update changelog for 5.1.1-rc0 CVE-fix

Signed-off-by: Imran Desai <imran.desai@intel.com>
tpm2-software · Jun 2, 2021 · cde422b · cde422b
1 parent 47b3b6e
commit cde422b
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/doc/CHANGELOG.md b/doc/CHANGELOG.md
@@ -1,5 +1,13 @@
 ## Changelog
 
+### 5.1.1-rc0 2021-05-28
+
+  * tpm2_import: fix fixed AES key CVE-2021-3565
+      - tpm2_import used a fixed AES key for the inner wrapper, which means that
+        a MITM attack would be able to unwrap the imported key. To fix this,
+        ensure the key size is 16 bytes or bigger and use OpenSSL to generate a
+        secure random AES key.
+
 ### 5.1 2021-05-24
 
   * Build