Issue #13636: Weak ciphers are now disabled by default in the ssl module
(except when SSLv2 is explicitly asked for).
diff --git a/Misc/NEWS b/Misc/NEWS
index da9e9de..6e5b7f3 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -97,6 +97,9 @@
 Library
 -------
 
+- Issue #13636: Weak ciphers are now disabled by default in the ssl module
+  (except when SSLv2 is explicitly asked for).
+
 - Issue #12798: Updated the mimetypes documentation.
 
 - Issue #11006: Don't issue low level warning in subprocess when pipe2() fails.