From 0132f4d1da983638bcf8f13cc1a1fef6decc387b Mon Sep 17 00:00:00 2001
From: John McLear <john@mclear.co.uk>
Date: Sat, 7 Apr 2018 10:13:09 +0100
Subject: [PATCH] Include CVE #

---
 CHANGELOG.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index bd79182c9..02accf8cb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,8 +1,8 @@
 # 1.6.4
- * SECURITY: exploitable /admin access
- * SECURITY: DoS with pad exports
- * SECURITY: Remote Code Execution
- * SECURITY: Pad data leak
+ * SECURITY: exploitable /admin access - CVE-2018-9845
+ * SECURITY: DoS with pad exports - CVE-2018-9327
+ * SECURITY: Remote Code Execution - CVE-2018-9326
+ * SECURITY: Pad data leak - CVE-2018-9325
  * Fix: Admin redirect URL
  * Fix: Various script Fixes
  * Fix: Various CSS/Style/Layout fixes
@@ -10,7 +10,7 @@
  * NEW: Hook: onAccessCheck
  * NEW: SESSIONKEY and APIKey customizable path
  * NEW: checkPads script
- * NEW: Support "cluster mode" 
+ * NEW: Support "cluster mode"
 
 # 1.6.3
  * SECURITY: Update ejs