Document CVE-2017-8287.
diff --git a/docs/CHANGES b/docs/CHANGES
index d42accb..8df2b13 100644
--- a/docs/CHANGES
+++ b/docs/CHANGES
@@ -29,11 +29,12 @@ CHANGES BETWEEN 2.7.1 and 2.8
now scales the font linearly again (bug introduced in version
2.4.6).
- - CVE-2017-8105: Older FreeType versions has an out-of-bounds
- write caused by a heap-based buffer overflow related to the Type
- 1 fonts.
+ - CVE-2017-8105, CVE-2017-8287: Older FreeType versions have
+ out-of-bounds writes caused by heap-based buffer overflows
+ related to Type 1 fonts.
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
III. MISCELLANEOUS