diff --git a/irssi.changes b/irssi.changes
index ceda94a..2771cf2 100644
--- a/irssi.changes
+++ b/irssi.changes
@@ -28,8 +28,9 @@ Fri Jan  6 11:28:09 UTC 2017 - astieger@suse.com
   servers or receiving specially crafted data [boo#1018357]:
   * CVE-2017-5193: NULL pointer dereference in the nickcmp function
   * CVE-2017-5194: out of bounds read in certain incomplete control codes
-  * CVE-2017-5195: out of bounds read in certain incomplete character sequences 
+  * CVE-2017-5195: out of bounds read in certain incomplete character sequences
   * CVE-2017-5196: Correct an error when receiving invalid nick message
+  * CVE-2017-5356: out of bounds read in format string [boo#1019809]
 - drop irssi-0.8.20-buf.pl.patch, upstream
 
 -------------------------------------------------------------------