diff --git a/pcre2.changes b/pcre2.changes
index ab562d5..3689b6b 100644
--- a/pcre2.changes
+++ b/pcre2.changes
@@ -25,6 +25,13 @@ Mon Sep 11 18:14:30 UTC 2017 - jengelh@inai.de
   * The match limit value now also applies to pcre2_dfa_match()
     as there are patterns that can use up a lot of resources
     without necessarily recursing very deeply.
+  * Various minor security fixes found by fuzzers:
+    + bsc#1037165: crash for forward reference in lookbehind with 
+                   PCRE2_ANCHORED
+    + CVE-2017-8786: heap-based buffer overflow write in pcre2test
+                     (bsc#1036942)
+    + CVE-2017-7186: DoS by triggering an invalid Unicode property
+                     lookup (bsc#1030066) 
 - Switch source URLs to use HTTP.
 
 -------------------------------------------------------------------