doc: release-notes-4.4: add entry for TF-M 2.2.1 update

Document the update.

Signed-off-by: Tomi Fontanilles <[email protected]>

Author: tomi-font

doc/releases/release-notes-4.4.rst

@@ -41,6 +41,11 @@ The following sections provide detailed lists of changes by component.
 Security Vulnerability Related
 ******************************
 
+The following CVEs are addressed by this release:
+
+* :cve:`2025-53022` `(TF-M) FWU does not check the length of the TLV’s payload
+  <https://trustedfirmware-m.readthedocs.io/en/latest/security/security_advisories/fwu_tlv_payload_out_of_bounds_vulnerability.html>`_
+
 API Changes
 ***********
 
@@ -121,6 +126,9 @@ Libraries / Subsystems
 Other notable changes
 *********************
 
+* TF-M was updated to version 2.2.1 (from 2.2.0). The release notes can be found at:
+  https://trustedfirmware-m.readthedocs.io/en/latest/releases/2.2.1.html
+
 ..
   Any more descriptive subsystem or driver changes. Do you really want to write
   a paragraph or is it enough to link to the api/driver/Kconfig/board page above?