diff --git a/crates/webpki/RUSTSEC-2023-0052.md b/crates/webpki/RUSTSEC-2023-0052.md
index 4d373c89..fb50b62c 100644
--- a/crates/webpki/RUSTSEC-2023-0052.md
+++ b/crates/webpki/RUSTSEC-2023-0052.md
@@ -10,7 +10,7 @@ related = ["CVE-2018-16875"]
 aliases = ["GHSA-8qv2-5vq6-g2g7"]
 
 [versions]
-patched = [">= 0.22.1"]
+patched = [">= 0.22.2"]
 ```
 
 # webpki: CPU denial of service in certificate path building
@@ -24,3 +24,5 @@ Both TLS clients and TLS servers that accept client certificate are affected.
 This was previously reported in
 <https://github.com/briansmith/webpki/issues/69> and re-reported recently
 by Luke Malinowski.
+
+webpki 0.22.1 included a partial fix and webpki 0.22.2 added further fixes.