diff --git a/CHANGES b/CHANGES
index 2944acae75..bc985c517b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -173,9 +173,6 @@
 
  Changes between 0.9.8n and 1.0.0  [29 Mar 2010]
 
-  *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
-     [Steve Henson]
-
   *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
      context. The operation can be customised via the ctrl mechanism in
      case ENGINEs want to include additional functionality.
@@ -1017,6 +1014,9 @@
   
  Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
 
+  *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
+     [Steve Henson]
+
   *) Don't reencode certificate when calculating signature: cache and use
      the original encoding instead. This makes signature verification of
      some broken encodings work correctly.