--- a/ChangeLog	Fri Jun 08 14:24:53 2012 +0100
+++ b/ChangeLog	Mon Jun 11 18:46:05 2012 +0100
@@ -1,3 +1,7 @@
+2012-06-11  Andrew John Hughes  <ahughes@redhat.com>
+
+	* NEWS: Add CVE numbers.
+
 2012-06-08  Andrew John Hughes  <ahughes@redhat.com>
 
 	* NEWS: Set release date.

--- a/NEWS	Fri Jun 08 14:24:53 2012 +0100
+++ b/NEWS	Mon Jun 11 18:46:05 2012 +0100
@@ -12,18 +12,18 @@
 New in release 1.10.8 (2012-06-12):
 
 * Security fixes
-  - S7079902: Refine CORBA data models
+  - S7079902, CVE-2012-1711: Refine CORBA data models
   - S7110720: Issue with vm config file loadingIssue with vm config file loading
-  - S7143606: File.createTempFile should be improved for temporary files created by the platform.
-  - S7143614: SynthLookAndFeel stability improvement
-  - S7143617: Improve fontmanager layout lookup operations
-  - S7143851: Improve IIOP stub and tie generation in RMIC
-  - S7143872: Improve certificate extension processing
+  - S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform.
+  - S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement
+  - S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations
+  - S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC
+  - S7143872, CVE-2012-1718: Improve certificate extension processing
   - S7145239: Finetune package definition restriction
-  - S7152811: Issues in client compiler
-  - S7157609: Issues with loop
+  - S7152811, CVE-2012-1723: Issues in client compiler
+  - S7157609, CVE-2012-1724: Issues with loop
   - S7160677: missing else in fix for 7152811
-  - S7160757: Problem with hotspot/runtime_classfile
+  - S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile
 * Bug fixes
   - PR1018: JVM fails due to SEGV during rendering some Unicode characters (part of 6886358)