diff --git a/docs/updates.md b/docs/updates.md new file mode 100644 index 0000000..a898913 --- /dev/null +++ b/docs/updates.md 
@@ -0,0 +1,53 @@ +# SIG/Security News + +These are what we consider significant SIG/Security news items, not an exhaustive list of package updates and wiki edits. + +## December 18, 2023 + +This SIG/Security News wiki page has been created, retroactively identifying and listing selected news items so far. + +[control](packages/control.md) `0.8.0-4` can now manage 3 privileged programs from `util-linux` (and `util-linux-core`): `mount`, `umount` (one "facility" for both), and `write`. Its wiki page has been reworked. + +## December 14, 2023 + +[control](packages/control.md) wiki page added, documenting the new package. + +`control` provides a common interface to register and control (what it calls) system facilities. +This is intended primarily for facilities that can potentially be dangerous to system security, to let you enable, disable, or configure each facility. +A typical facility is a SUID/SGID/setcap program or a configuration setting of a service. + +Included initially are facility specifications corresponding to the `shadow-utils` package. Currently, these allow to `control` access to 5 privileged programs - 3 of them (`chage`, `gpasswd`, and `newgrp`) are by default SUID root and 2 (`newuidmap` and `newgidmap`) are `cap_setuid=ep`. + +## November 25, 2023 + +Everything we had so far has been updated for EL 9.3 and 8.9, including our hardened EL9 [glibc](packages/glibc.md) and [openssh](packages/openssh.md) packages rebased on 9.3's and [lkrg](packages/lkrg.md) rebuilt for 9.3's and 8.9's kernels, along with re-testing and wiki edits. + +The `rocky-release-security` package containing our repository configuration has been made (a while earlier) easier to use on EL distros other than Rocky Linux, and we've now updated the wiki accordingly. 
+ +## November 16 to 19, 2023 + +[microcode_ctl](packages/microcode_ctl.md) also for EL8, providing 8.9's Intel CPU microcode to fix [CVE-2023-23583](issues/CVE-2023-23583.md) a few days before general availability of our own 8.9 release as a whole. + +## November 16, 2023 + +Wiki pages [lkrg](packages/lkrg.md) and [passwdqc](packages/passwdqc.md) have been created. We had these extra packages for a while, but previously only had wiki pages for override packages (referring solely to upstream homepages for the extra packages). + +## November 15, 2023 + +We've started maintaining wiki pages for selected high profile security issues, initially for glibc [CVE-2023-4911](CVE-2023-4911.md) and Intel CPU microcode [CVE-2023-23583](issues/CVE-2023-23583.md). + +[microcode_ctl](packages/microcode_ctl.md) for EL9, providing latest Intel CPU microcode to fix [CVE-2023-23583](issues/CVE-2023-23583.md) ahead of availability of a rebuilt new upstream package. + +## October 31 to November 15, 2023 + +[hardened_malloc](packages/hardened_malloc.md) package - a security-focused memory allocator providing the `malloc(3)` API, and a script to preload it into existing program binaries. Its documentation on the wiki. + +## October 13, 2023 + +We've started maintaining per-package wiki pages, initially for the override packages of [glibc](packages/glibc.md) and [openssh](packages/openssh.md). + +We've added instructions for installation of Rocky Linux SIG/Security repository on other EL distros (non-Rocky). 
+ +## October 3, 2023 + +Initial wiki content documenting what we had so far, which included override packages of [glibc](packages/glibc.md) and [openssh](packages/openssh.md) and extra packages of [lkrg](packages/lkrg.md) and [passwdqc](packages/passwdqc.md) (even though these per-package wiki pages did not exist yet, so we instead had summaries and external links on the front page only), the repository package, [source code repositories](https://git.rockylinux.org/sig/security/src), and [Mattermost channel](https://chat.rockylinux.org/rocky-linux/channels/security).
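Review bot: the November 15 entry links glibc's issue page as `[CVE-2023-4911](CVE-2023-4911.md)`, without the `issues/` directory prefix that every other issue link in this file uses (`[CVE-2023-23583](issues/CVE-2023-23583.md)` on the very same line and elsewhere), so the link will resolve to `docs/CVE-2023-4911.md` rather than `docs/issues/CVE-2023-4911.md` and most likely 404 on the rendered wiki; it should read `[CVE-2023-4911](issues/CVE-2023-4911.md)`. Two smaller wording points in the same hunk: in the December 14 entry, "Currently, these allow to `control` access to 5 privileged programs" should be "Currently, these allow `control` to manage access to 5 privileged programs" (or "allow controlling access"), and in the October 31 to November 15 entry, "Its documentation on the wiki." is a sentence fragment and should be folded into the preceding sentence or completed, e.g. "Its documentation is on the wiki." as the rest of the page does for other packages.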