diff --git a/MozillaThunderbird.changes b/MozillaThunderbird.changes
index 459d4b2..8716e9b 100644
--- a/MozillaThunderbird.changes
+++ b/MozillaThunderbird.changes
@@ -24,21 +24,21 @@ Tue Sep 10 07:33:52 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
     alternative.
   * several bugfixes
   MFSA 2019-30
-  * CVE-2019-11739 (bmo#1571481)
+  * CVE-2019-11739 (bmo#1571481, boo#1150939)
     Covert Content Attack on S/MIME encryption using a crafted
     multipart/alternative message
-  * CVE-2019-11746 (bmo#1564449)
+  * CVE-2019-11746 (bmo#1564449, boo#1149297)
     Use-after-free while manipulating video
-  * CVE-2019-11744 (bmo#1562033)
+  * CVE-2019-11744 (bmo#1562033, boo#1149304)
     XSS by breaking out of title and textarea elements using innerHTML
-  * CVE-2019-11742 (bmo#1559715)
+  * CVE-2019-11742 (bmo#1559715, boo#1149303)
     Same-origin policy violation with SVG filters and canvas to steal
     cross-origin images
-  * CVE-2019-11752 (bmo#1501152)
+  * CVE-2019-11752 (bmo#1501152, boo#1149296)
     Use-after-free while extracting a key value in IndexedDB
-  * CVE-2019-11743 (bmo#1560495)
+  * CVE-2019-11743 (bmo#1560495, boo#1149298)
     Cross-origin access to unload event attributes
-  * CVE-2019-11740 (bmo#1563133,bmo#1573160)
+  * CVE-2019-11740 (bmo#1563133,bmo#1573160, boo#1149299)
     Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox
     ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9
 - removed upstreamed fix-build-after-y2038-changes-in-glibc.patch