From d9abed8520508161468832c2e77d779a172f65df Mon Sep 17 00:00:00 2001
From: Hubert Kario <hkario@redhat.com>
Date: Wed, 8 Feb 2023 14:43:45 +0100
Subject: document the CVE fix

Signed-off-by: Hubert Kario <hkario@redhat.com>
---
 NEWS | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/NEWS b/NEWS
index a060176b0f..35212bba80 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,10 @@ See the end for copying conditions.
 
 * Version 3.8.0 (unreleased ????-??-??)
 
+** libgnutls: Fix a Bleichenbacher oracle in the TLS RSA key exchange.
+   Reported by Hubert Kario (#1050). Fix developed by Alexander Sosedkin.
+   [GNUTLS-SA-2020-07-14, CVSS: medium] [CVE-2023-0361]
+
 ** guile: Guile-bindings removed.
 They have been extracted into a separate project to reduce complexity
 and to simplify maintenance, see <https://gitlab.com/gnutls/guile/>.
-- 
cgit v1.2.1