diff --git a/ChangeLog.d/tls13-only-server-infinite-loop.txt b/ChangeLog.d/tls13-only-server-infinite-loop.txt
deleted file mode 100644
index 7232242c8..000000000
--- a/ChangeLog.d/tls13-only-server-infinite-loop.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Security
-   * Fixed a denial of service in TLS 1.3-only server (TLS 1.2 support
-     disabled at build time): a TLS client could put the TLS 1.3-only server in
-     an infinite loop processing a TLS 1.2 ClientHello. Reported by Matthias
-     Mucha and Thomas Blattmann, SICK AG.
diff --git a/ChangeLog.d/tls13-only-server.txt b/ChangeLog.d/tls13-only-server.txt
new file mode 100644
index 000000000..0ee63eab8
--- /dev/null
+++ b/ChangeLog.d/tls13-only-server.txt
@@ -0,0 +1,10 @@
+Security
+   * When negotiating TLS version on server side, do not fallback to the
+     TLS 1.2 implementation of the protocol if it is not enabled.
+     - If the TLS 1.2 implementation was disabled at build time, a TLS 1.2
+       client was able to put the TLS 1.3-only server in an infinite loop
+       processing a TLS 1.2 ClientHello, resulting in a Denial of Service.
+       Reported by Matthias Mucha and Thomas Blattmann, SICK AG.
+     - If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client
+       was able to successfully established a connection with the TLS 1.3-only
+       server. Reported by alluettiv on GitHub.