docs/website/news.html: add Talos security vulnerabilities info

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website/news.html

@@ -9,6 +9,27 @@
 <h2>News</h2>
 <ul class="timeline">
 
+  <li class="timeline-inverted">
+    <div class="timeline-badge"><i class="glyphicon glyphicon-exclamation-sign"></i></div>
+    <div class="timeline-panel">
+      <div class="timeline-heading">
+	<h4 class="timeline-title">Talos security vulnerabilities</h4>
+	<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>6 December 2023</small></p>
+      </div>
+      <div class="timeline-body">
+	<p>Talos has recently published
+	<a href="https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844">TALOS-2023-1844</a>
+	and
+	<a href="https://talosintelligence.com/vulnerability_reports/TALOS-2023-1845">TALOS-2023-1845</a>
+	advisories, describing vulnerabilities in the download hash
+	verification logic of Buildroot. These issues are fixed in the
+	2023.02.8, 2023.08.4 and 2023.11 releases. For more details,
+	see the
+	<a href="https://lore.kernel.org/buildroot/87y1e7sq4u.fsf@48ers.dk/T/#u">announcement</a>.</p>
+      </div>
+    </div>
+  </li>
+
   <li>
     <div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
     <div class="timeline-panel">