diff --git a/ChangeLog b/ChangeLog
index fab5ae813..31c6e741c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,12 +5,15 @@ phpMyAdmin - ChangeLog
 $Id$
 $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $
 
+3.3.10.3 (not released)
+- [security] Fixed XSS vulnerability, see PMASA-2011-9
+- [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-12
+
 3.3.10.2 (2011-07-02)
 - [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-5
 - [security] Fixed possible code injection incase session variables are compromised, see PMASA-2011-6
 - [security] Fixed regexp quoting issue in Synchronize code, see PMASA-2011-7
 - [security] Fixed filtering of a file path, which allowed for directory traversal, see PMASA-2011-8
-- [security] Fixed possible session manipulation in swekey authentication, see PMASA-2011-12
 
 3.3.10.1 (2011-05-20)
 - [security] XSS on Tracking page