Document CVE-2017-8105.
diff --git a/docs/CHANGES b/docs/CHANGES
index c3c1402..8ad5dfa 100644
--- a/docs/CHANGES
+++ b/docs/CHANGES
@@ -29,6 +29,11 @@ CHANGES BETWEEN 2.7.1 and 2.8
now scales the font linearly again (bug introduced in version
2.4.6).
+ - CVE-2017-8105: Older FreeType versions has an out-of-bounds write
+ caused by a heap-based buffer overflow related to the Type 1 fonts.
+
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
+
III. MISCELLANEOUS