--- a/ChangeLog	Wed Feb 08 12:02:26 2012 -0500
+++ b/ChangeLog	Fri Feb 10 13:14:23 2012 -0500
@@ -1,3 +1,7 @@
+2012-02-10  Omair Majid  <omajid@redhat.com>
+
+	* NEWS: Update with CVE numbers.
+
 2012-02-08  Omair Majid  <omajid@redhat.com>
 
 	* configure.ac: Bump to 1.11.1.

--- a/NEWS	Wed Feb 08 12:02:26 2012 -0500
+++ b/NEWS	Fri Feb 10 13:14:23 2012 -0500
@@ -13,15 +13,15 @@
 New in release 1.11.1 (2012-02-14):
 
 * Security fixes
-  -S7082299, CVE-XXX-YYYY: Fix in AtomicReferenceArray
-  -S7088367, CVE-XXX-YYYY: Fix issues in java sound
-  -S7110683, CVE-XXX-YYYY: Issues with some KeyboardFocusManager method
-  -S7110687, CVE-XXX-YYYY: Issues with TimeZone class
-  -S7110700, CVE-XXX-YYYY: Enhance exception throwing mechanism in ObjectStreamClass
-  -S7110704, CVE-XXX-YYYY: Issues with some method in corba
-  -S7112642, CVE-XXX-YYYY: Incorrect checking for graphics rendering object
-  -S7118283, CVE-XXX-YYYY: Better input parameter checking in zip file processing
-  -S7126960, CVE-XXX-YYYY: (httpserver) Add property to limit number of request headers to the HTTP Server
+  - S7082299, CVE-2011-3571: Fix in AtomicReferenceArray
+  - S7088367, CVE-2011-3563: Fix issues in java sound
+  - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method
+  - S7110687, CVE-2012-0503: Issues with TimeZone class
+  - S7110700, CVE-2012-0505: Enhance exception throwing mechanism in ObjectStreamClass
+  - S7110704, CVE-2012-0506: Issues with some method in corba
+  - S7112642, CVE-2012-0497: Incorrect checking for graphics rendering object
+  - S7118283, CVE-2012-0501: Better input parameter checking in zip file processing
+  - S7126960, CVE-2011-5035: (httpserver) Add property to limit number of request headers to the HTTP Server
 * Bug fixes
   - PR865: Patching fails with patches/ecj/jaxws-getdtdtype.patch