diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes index 7faefaf..c7993d7 100644 --- a/MozillaThunderbird.changes +++ b/MozillaThunderbird.changes @@ -22,16 +22,30 @@ Tue Oct 2 10:08:00 UTC 2018 - wr@rosenauer.org * Calendar: First day of the week can now be set * Calendar: Several fixes related to cutting/deleting of events and email schedulin - * Fix date display issues (boo#1109379) + * Fix date display issues (bsc#1109379) * Fix start-up crash due to folder name with special characters - (boo#1107772) -- security fixes for the Mozilla platform picked up from 60.1 and + (bsc#1107772) +- Security fixes for the Mozilla platform picked up from 60.1 and 60.2 (Firefox ESR releases). In general, these flaws cannot be exploited through email in Thunderbird because scripting is disabled when reading mail, but are potentially - risks in browser or browser-like contexts: - * bsc#1098998, bsc#1107343, bsc#1110506, bsc#1110507, - boo#1107343, boo#1109363 + risks in browser or browser-like contexts (MFSA 2018-25): + * CVE-2018-12377 (bsc#1107343, bmo#1470260) + Use-after-free in refresh driver timers + * CVE-2018-12378 (bsc#1107343, bmo#1459383) + Use-after-free in IndexedDB + * CVE-2017-16541 (bsc#1066489, bmo#1412081) + Proxy bypass using automount and autofs + * CVE-2018-12376 (bmo#69309,bmo#69914,bmo#50989,bmo#80092, + bmo#80517,bmo#81093,bmo#78575,bmo#71953,bmo#73161,bmo#66991, + bmo#68738,bmo#83120,bmo#67363,bmo#72925,bmo#66577,bmo#67889, + bmo#80521,bsc#1107343) + Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2 + * CVE-2018-12385 (bsc#1109363, bmo#1490585) + Crash in TransportSecurityInfo due to cached data + * CVE-2018-12383 (bsc#1107343, bmo#1475775) + Setting a master password did not delete unencrypted + previously stored passwords ------------------------------------------------------------------- Tue Sep 11 09:59:08 UTC 2018 - Guillaume GARDET 
diff --git a/MozillaThunderbird.spec b/MozillaThunderbird.spec index 91d80d2..796a4ae 100644 --- a/MozillaThunderbird.spec +++ b/MozillaThunderbird.spec @@ -13,7 +13,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# Please submit bugfixes or comments via http://bugs.opensuse.org/ #
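Review bot: In the MozillaThunderbird.changes hunk, the CVE-2018-12376 entry lists five-digit bmo ids (bmo#69309, bmo#69914, bmo#50989 and the rest), while every other entry in the same list uses seven-digit ids such as bmo#1470260, so these look truncated and should be checked against MFSA 2018-25 before the entry is published. The same entry also omits the space after each comma, unlike the neighbouring entries. Separately, the replaced line referenced bsc#1098998, bsc#1110506 and bsc#1110507, and none of these appear in the new list, although the text still says the fixes were picked up from both 60.1 and 60.2 and only one advisory is cited. Either map those three bug numbers to their CVE entries or state why they were dropped, so the bug tracker references stay traceable from the changelog.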
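Review bot: In the MozillaThunderbird.spec hunk, the header comment's bug tracker link is downgraded from https://bugs.opensuse.org/ to http://bugs.opensuse.org/, which is unrelated to the changelog update and points readers at a cleartext URL. Keep the https form, or drop this hunk from the commit if it was produced by a tool rather than intended.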