diff --git a/python-requests.changes b/python-requests.changes
index a00168c..9d51d1a 100644
--- a/python-requests.changes
+++ b/python-requests.changes
@@ -22,7 +22,7 @@ Tue Jun 30 08:39:24 UTC 2015 - lnussel@suse.de
 -------------------------------------------------------------------
 Mon Apr 20 12:25:21 UTC 2015 - mcihar@suse.cz
 
-- Update to 2.6.0:
+- Update to 2.6.0 (bsc#922448, CVE-2015-2296):
   - Fix handling of cookies on redirect. Previously a cookie without a host
     value set would use the hostname for the redirected URL exposing requests
     users to session fixation attacks and potentially cookie stealing. This was
@@ -45,7 +45,7 @@ Mon Apr 20 12:25:21 UTC 2015 - mcihar@suse.cz
 -------------------------------------------------------------------
 Tue Feb 24 13:04:17 UTC 2015 - tbechtold@suse.com
 
-- update to 2.5.2:
+- update to 2.5.2 (bsc#929736):
   * Update HISTORY and version for v2.5.2
   * Update urllib3 to 29aa09bde9c42cc9a8d79aac47ee3d362b438cca
   * document combination of repeated response headers