diff --git a/ChangeLog b/ChangeLog
index c527e0603..ca2e71780 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,22 +4,27 @@ mbed TLS ChangeLog (Sorted per branch, date)
 
 Security
    * Added fix for CVE-2015-xxxxx to prevent heap corruption due to buffer
-     overflow of the hostname or session ticket. Found by Guido Vranken.
+     overflow of the hostname or session ticket. Found by Guido Vranken,
+     Intelworks.
    * Fix potential double-free if mbedtls_ssl_set_hs_psk() is called more than
      once in the same handhake and mbedtls_ssl_conf_psk() was used.
-     Found and patch provided by Guido Vranken. Cannot be forced remotely.
+     Found and patch provided by Guido Vranken, Intelworks. Cannot be forced
+     remotely.
    * Fix stack buffer overflow in pkcs12 decryption (used by
      mbedtls_pk_parse_key(file)() when the password is > 129 bytes.
-     Found by Guido Vranken. Not triggerable remotely.
+     Found by Guido Vranken, Intelworks. Not triggerable remotely.
    * Fix potential buffer overflow in mbedtls_mpi_read_string().
-     Found by Guido Vranken. Not exploitable remotely in the context of TLS,
-     but might be in other uses. On 32 bit machines, requires reading a string
-     of close to or larger than 1GB to exploit; on 64 bit machines, would require
-     reading a string of close to or larger than 2^62 bytes.
+     Found by Guido Vranken, Intelworks. Not exploitable remotely in the context
+     of TLS, but might be in other uses. On 32 bit machines, requires reading a
+     string of close to or larger than 1GB to exploit; on 64 bit machines, would
+     require reading a string of close to or larger than 2^62 bytes.
    * Fix potential random memory allocation in mbedtls_pem_read_buffer()
-     on crafted PEM input data. Found an fix provided by Guid Vranken.
-     Not triggerable remotely in TLS. Triggerable remotely if you accept PEM
-     data from an untrusted source.
+     on crafted PEM input data. Found and fix provided by Guido Vranken,
+     Intelworks. Not triggerable remotely in TLS. Triggerable remotely if you
+     accept PEM data from an untrusted source.
+   * Fix possible heap buffer overflow in base64_encoded() when the input
+     buffer is 512MB or larger on 32-bit platforms. Found by Guido Vranken,
+     Intelworks. Not trigerrable remotely in TLS.
 
 Changes
    * Added checking of hostname length in mbedtls_ssl_set_hostname() to ensure
@@ -29,13 +34,6 @@ Changes
 
 = mbed TLS 2.1.1 released 2015-09-17
 
-Security
-   * Fix possible heap buffer overflow in base64_encoded() when the input
-     buffer is 512MB or larger on 32-bit platforms.
-     Found by Guido Vranken. Not trigerrable remotely in TLS.
-
-= mbed TLS 2.1.1 released 2015-09-17
-
 Security
    * Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
      signatures. (Found by Florian Weimer, Red Hat.)