diff --git a/ChangeLog.md b/ChangeLog.md
index d49a006..eddd7a2 100644
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -4,6 +4,17 @@ Change Log
 All notable changes in libConfuse are documented in this file.
 
 
+[v3.2.2][] - 2018-08-19
+-----------------------
+
+This is a security patch release for CVE-2018-14447.  The vulnerability
+affects all releases since v3.1 when the `CFGF_COMMENTS` functionality
+was first introduced.
+
+### Fixes
+* Issue #109: Out of bounds read in `lexer.l:trim_whitespace()`.
+
+
 [v3.2.1][] - 2017-08-17
 -----------------------
 
@@ -349,7 +360,8 @@ v1.2.2 - 2002-11-27
 * updated the manual
 
 
-[UNRELEASED]: https://github.com/martinh/libconfuse/compare/v3.2.1...HEAD
+[UNRELEASED]: https://github.com/martinh/libconfuse/compare/v3.2.2...HEAD
+[v3.2.2]: https://github.com/martinh/libconfuse/compare/v3.2.1...v3.2.2
 [v3.2.1]: https://github.com/martinh/libconfuse/compare/v3.2...v3.2.1
 [v3.2]:   https://github.com/martinh/libconfuse/compare/v3.1...v3.2
 [v3.1]:   https://github.com/martinh/libconfuse/compare/v3.0...v3.1
diff --git a/configure.ac b/configure.ac
index 5178d36..3890d7f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@ dnl Process this file with -*- autoconf -*- to produce a configure script.
 
 AC_PREREQ(2.50)
 
-AC_INIT(libConfuse, 3.2.1, https://github.com/martinh/libconfuse/issues, confuse)
+AC_INIT(libConfuse, 3.2.2, https://github.com/martinh/libconfuse/issues, confuse)
 AC_CONFIG_AUX_DIR(support)
 AM_MAINTAINER_MODE
 AM_INIT_AUTOMAKE([foreign dist-xz])