From b2488db2ced1a9904a129b65f43baa4c962ab950 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Wed, 21 Sep 2022 10:32:59 +0200 Subject: [PATCH] NEWS: Add info about CVE-2022-40617 --- NEWS | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/NEWS b/NEWS index 699f8531dc..b671fc8ca1 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,10 @@ strongswan-5.9.8 ---------------- +- Fixed a vulnerability related to accessing untrusted OCSP URIs and CDPs in + certificates that could lead to a denial-of-service attack. + This vulnerability has been registered as CVE-2022-40617. + - The pki --scep|--scepca commands support the HTTP-based "Simple Certificate Enrollment Protocol" (RFC 8894 SCEP) replacing the old and long deprecated scepclient that has been removed. -- 2.47.2
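Review bot: The new entry under strongswan-5.9.8 says only that accessing untrusted OCSP URIs and CDPs "could lead to a denial-of-service attack", so an administrator reading NEWS cannot tell whether their deployment is exposed or what behaviour changed. Consider adding a clause that names the affected versions and the component or setting involved, and that states what the fix changes in how these URIs are handled. "CDPs" should also be spelled out as CRL distribution points on first use. The phrase "certificates that could lead to" reads as if the certificates, rather than the access, cause the denial of service. Rewording it to something like "in certificates, which could lead to" removes the ambiguity.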