[master] Release notes for Istio 1.13.9 (#12082)

* Release notes for Istio 1.13.9

* Fix lint

* Fix lint

* Fix lint

* Fix lint

* Revisions

* Update notes

* An edit

* Update release date

* Edit notes

Co-authored-by: Lei Tang <32078630+lei-tang@users.noreply.github.com>

.spelling

@@ -302,6 +302,7 @@ CVE-2022-29226
 CVE-2022-29227
 CVE-2022-29228
 CVE-2022-31045
+CVE-2022-41715
 cves
 CVEs
 cvss

content/en/news/releases/1.13.x/announcing-1.13.9/index.md

@@ -0,0 +1,26 @@
+---
+title: Announcing Istio 1.13.9
+linktitle: 1.13.9
+subtitle: Patch Release
+description: Istio 1.13.9 patch release.
+publishdate: 2022-10-11
+release: 1.13.9
+---
+
+This release contains a patch for [CVE-2022-41715](https://github.com/golang/go/issues/55949) and bug fixes to improve robustness. This release note describes what is different between Istio 1.13.8 and Istio 1.13.9.
+
+{{< relnote >}}
+
+## Security update
+
+- Patch for [CVE-2022-41715](https://github.com/golang/go/issues/55949). Replaces all uses of `stdlib` `regexp` with the Go 1.19.2 `stdlib` implementation. This will guard against DOS via malformed regular expressions.
+
+## Changes
+
+- **Fixed** an issue where the user can not delete the Istio Operator resource with revision if istiod is not running.  ([Issue #40796](https://github.com/istio/istio/issues/40796))
+
+- **Fixed** a bug where the return dynamically generated by `jwks` was not base64 encoded, causing Envoy to fail to parse it.
+
+- **Fixed** an issue where a root namespace `Sidecar` configuration would be ignored.
+
+- **Fixed** the gateway API integration to not fail when the `v1alpha2` version is removed.