diff --git a/ChangeLog b/ChangeLog index fd03f1ae3..37cf75052 100644 --- a/ChangeLog +++ b/ChangeLog @@ -46,14 +46,9 @@ Bugfix without providing a list of CAs. This was due to an overly strict bounds check in parsing the CertificateRequest message, introduced in Mbed TLS 2.12.0. Fixes #1954. - * Fix potential use-after-free in mbedtls_ssl_get_max_frag_len() - and mbedtls_ssl_get_record_expansion() after a session reset. Fixes #1941. * Fix a miscalculation of the maximum record expansion in mbedtls_ssl_get_record_expansion() in case of ChachaPoly ciphersuites, or CBC ciphersuites in (D)TLS versions 1.1 or higher. Fixes #1913, #1914. - * Fix overly strict bounds check in ssl_parse_certificate_request() - which could lead to valid CertificateRequest messages being rejected. - Fixes #1954. * Fix undefined shifts with negative values in certificates parsing (found by Catena cyber using oss-fuzz) * Fix memory leak and free without initialization in pk_encrypt
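Review bot: The first removed entry in this hunk, "Fix potential use-after-free in mbedtls_ssl_get_max_frag_len() and mbedtls_ssl_get_record_expansion() after a session reset. Fixes #1941.", has no counterpart in the visible context, so it is not clearly a duplicate. The second removal is different: the ssl_parse_certificate_request() entry repeats the CertificateRequest bounds-check entry kept at the top of the hunk, and both cite #1954, so dropping it is fine. For #1941, please confirm that the entry still exists elsewhere in ChangeLog, or state in the commit message why it is being dropped. If it was moved, a use-after-free fix may fit better under a Security heading than under Bugfix. Otherwise the release notes lose the record of a memory-safety fix that users look for when deciding whether to upgrade.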