diff --git a/ChangeLog b/ChangeLog
index 19722b6c5..9c8961ff1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,10 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
 - [core] do not automatically set and create TempDir, it might lead to security
   issue (thanks to Thijs Kinkhorst)
 
+2.11.9.5 (2009-03-24)
+- [security] XSS vulnerability on export page
+- [security] Insufficient output sanitizing when generating configuration file
+
 2.11.9.4 (2008-12-09)
 - [security] possible XSRF on several pages