diff --git a/cgit.changes b/cgit.changes
index 15ddd4b..a50b723 100644
--- a/cgit.changes
+++ b/cgit.changes
@@ -17,7 +17,7 @@ Thu Jan 14 15:25:28 UTC 2016 - jengelh@inai.de
   Mimetype Query String; Stored Cross Site Scripting & Header
   Injection in Filename Parameter; Stored Cross Site Scripting in
   Git Repo Files; Integer Overflow resulting in Buffer Overflow
-  [boo#961916]
+  [boo#961916 CVE-2016-1899 CVE-2016-1900 CVE-2016-1901]
 - Update bundled git tarball to 2.7.0 (build-time requirement)
 
 -------------------------------------------------------------------