diff --git a/qutebrowser.changes b/qutebrowser.changes
index 2a311a1..83012cc 100644
--- a/qutebrowser.changes
+++ b/qutebrowser.changes
@@ -7,7 +7,7 @@ Fri Jun 22 10:25:18 UTC 2018 - 9+suse@cirno.systems
       websites to inject HTML into the page via a crafted title
       tag. This could allow them to steal your browsing history.
       If you're currently unable to upgrade, avoid using :history.
-      A CVE request for this issue is pending.
+      This issue has been assigned CVE-2018-1000559.
   Fixed:
     * Crash in a workaround for a Qt 5.11 bug in rare
       circumstances.