From: Tobias Brunner <tobias@strongswan.org>
Date: Wed, 21 Sep 2022 08:32:59 +0000 (+0200)
Subject: NEWS: Add info about CVE-2022-40617
X-Git-Tag: 5.9.8~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b2488db2ced1a9904a129b65f43baa4c962ab950;p=thirdparty%2Fstrongswan.git

NEWS: Add info about CVE-2022-40617
---

diff --git a/NEWS b/NEWS
index 699f8531dc..b671fc8ca1 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,10 @@
 strongswan-5.9.8
 ----------------
 
+- Fixed a vulnerability related to accessing untrusted OCSP URIs and CDPs in
+  certificates that could lead to a denial-of-service attack.
+  This vulnerability has been registered as CVE-2022-40617.
+
 - The pki --scep|--scepca commands support the HTTP-based "Simple Certificate
   Enrollment Protocol" (RFC 8894 SCEP) replacing the old and long deprecated
   scepclient that has been removed.