From e65d1e92a10ebe2c774770128580951d389cf35c Mon Sep 17 00:00:00 2001
From: Frank Morgner <frankmorgner@gmail.com>
Date: Fri, 1 Sep 2023 11:57:22 +0200
Subject: [PATCH] Added missing CVEs to NEWS

fixes https://github.com/OpenSC/OpenSC/issues/2841
---
 NEWS | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/NEWS b/NEWS
index e5d01337be5..f217dfb0477 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,13 @@
 NEWS for OpenSC -- History of user visible changes
 
+# Addendum for 0.23.0; 2023-09-01
+* fixed security problems
+  * CVE-2021-42778 Heap double free in sc_pkcs15_free_tokeninfo
+  * CVE-2021-42779 Heap use after free in sc_file_valid
+  * CVE-2021-42780 Use after return in insert_pin function
+  * CVE-2021-42781 Heap buffer overflow in pkcs15-oberthur.c
+  * CVE-2021-42782 Stack buffer overflow issues in various places
+
 # New in 0.23.0; 2022-11-29
 ## General improvements
 * Support signing of data with a length of more than 512 bytes (#2314)