diff --git a/busybox.changes b/busybox.changes
index da4618b..0580a50 100644
--- a/busybox.changes
+++ b/busybox.changes
@@ -14,8 +14,8 @@ Thu Jan  6 06:37:24 UTC 2022 - Radoslav Kolev <radoslav.kolev@suse.com>
   * CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD parsing
   * CVE-2016-6301 (bsc#991940): NTP server denial of service flaw
   * CVE-2017-15873 (bsc#1064976): The get_next_block function in archival/libarchive/decompress_bunzip2.c has an Integer Overflow
-  * CVE-2017-15874 (bsc#1064976): archival/libarchive/decompress_unlzma.c has an Integer Underflow
-  * CVE-2019-5747 (bsc#1064976): out of bounds read in udhcp components
+  * CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c has an Integer Underflow
+  * CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components
   * CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376,
     CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380,
     CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384,