diff --git a/CHANGES b/CHANGES
index 0d5ca5de1e69a..e8287fb4d792e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,18 @@
 
  Changes between 1.1.1w and 1.1.1x [xx XXX xxxx]
 
+ *) Fixed timing side-channel in ECDSA signature computation.
+
+    There is a timing signal of around 300 nanoseconds when the top word of
+    the inverted ECDSA nonce value is zero. This can happen with significant
+    probability only for some of the supported elliptic curves. In particular
+    the NIST P-521 curve is affected. To be able to measure this leak, the
+    attacker process must either be located in the same physical computer or
+    must have a very fast network connection with low latency.
+
+    (CVE-2024-13176)
+    [Tomáš Mráz]
+
  *) Fixed possible OOB memory access with invalid low-level GF(2^m) elliptic
     curve parameters.
 
diff --git a/NEWS b/NEWS
index cdd12c6219f63..e3e6843530238 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,8 @@
 
   Major changes between OpenSSL 1.1.1w and OpenSSL 1.1.1x [under development]
 
+      o Fixed timing side-channel in ECDSA signature computation.
+        (CVE-2024-13176)
       o Fixed possible OOB memory access with invalid low-level GF(2^m) elliptic
         curve parameters.
         (CVE-2024-9143)