diff --git a/mozilla-nss.changes b/mozilla-nss.changes
index eeb0005..38df0a7 100644
--- a/mozilla-nss.changes
+++ b/mozilla-nss.changes
@@ -12,6 +12,8 @@ Tue Jan  7 08:39:04 UTC 2014 - wr@rosenauer.org
   * When false start is enabled, libssl will sometimes return
     unencrypted, unauthenticated data from PR_Recv
     (CVE-2013-1740, bmo#919877)
+  * MFSA 2014-12/CVE-2014-1490/CVE-2014-1491
+    NSS ticket handling issues
   New functionality
   * Implemented OCSP querying using the HTTP GET method, which is
     the new default, and will fall back to the HTTP POST method.