diff --git a/CHANGES b/CHANGES
index 2db00949a..7d86ea3e7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,9 @@
 CHANGES - changes for libtpms
 
+version 0.10.2:
+  - tpm2: Fix memory leak by freeing KDF context
+  - tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
 version 0.10.1:
   - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
   - tpm2: fix build for LibreSSL 4.1.0
diff --git a/debian/changelog b/debian/changelog
index 4fbe56c2c..43f1dea44 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+libtpms (0.10.2) RELEASED; urgency=high
+
+  * tpm2: Fix memory leak by freeing KDF context
+  * tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
+ -- Stefan Berger <stefanb@linux.ibm.com>  Tue, 2 Jan 2026 09:00:00 -0500
+
 libtpms (0.10.1) RELEASED; urgency=high
 
   * tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
diff --git a/dist/libtpms.spec b/dist/libtpms.spec
index e2b234c30..68dc47106 100644
--- a/dist/libtpms.spec
+++ b/dist/libtpms.spec
@@ -112,6 +112,10 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la
 %postun -p /sbin/ldconfig
 
 %changelog
+* Fri Jan 02 2026 Stefan Berger - 0.10.2-1
+- tpm2: Fix memory leak by freeing KDF context
+- tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
 * Tue Jun 10 2025 Stefan Berger - 0.10.1-1
 - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
 - tpm2: fix build for LibreSSL 4.1.0
diff --git a/dist/libtpms.spec.in b/dist/libtpms.spec.in
index 4f6201a23..0c5fd0797 100644
--- a/dist/libtpms.spec.in
+++ b/dist/libtpms.spec.in
@@ -112,6 +112,10 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la
 %postun -p /sbin/ldconfig
 
 %changelog
+* Fri Jan 02 2026 Stefan Berger - 0.10.2-1
+- tpm2: Fix memory leak by freeing KDF context
+- tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
 * Tue Jun 10 2025 Stefan Berger - 0.10.1-1
 - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
 - tpm2: fix build for LibreSSL 4.1.0