diff --git a/ChangeLog b/ChangeLog
index 8db6551c5..59a1c0d63 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,10 @@ Bugfix
      Found by redplait #590
    * Add MBEDTLS_MPI_CHK to check for error value of mbedtls_mpi_fill_random.
      Reported and fix suggested by guidovranken in #740
+   * Fix a potential integer overflow in the version verification for DER
+     encoded X509 CRLs. The overflow would enable maliciously constructed CRLs
+     to bypass the version verification check. Found by Peng Li/Yueh-Hsun Lin,
+     KNOX Security, Samsung Research America
 
 Security
    * Fix authentication bypass in SSL/TLS: when auth_mode is set to optional,