diff --git a/wordpress.spec b/wordpress.spec
index 8ca7d21..63c51dd 100644
--- a/wordpress.spec
+++ b/wordpress.spec
@@ -6,7 +6,7 @@ URL: http://www.wordpress.org
 Name: wordpress
 Version: 3.3.2
 Group: Applications/Publishing
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2
 Source0: http://wordpress.org/%{name}-%{version}.tar.gz
 Source1: wordpress-httpd-conf
@@ -116,10 +116,12 @@ rm -rf ${RPM_BUILD_ROOT}
 %dir %{_sysconfdir}/wordpress
 
 %changelog
-* Mon Apr 23 2012 'Matěj Cepl <mcepl@redhat.com>' - 3.3.2-1
+* Mon Apr 23 2012 'Matěj Cepl <mcepl@redhat.com>' - 3.3.2-2
 - Security updates for uploading files.
-  (apparently no CVE exists yet;
-  http://seclists.org/oss-sec/2012/q2/164)
+  * Fixed CVE-2011-0700: two XSS bug. Affects users of the Author
+    or Contributor role.
+  * Fixed CVE-2011-0701: potential information disclosure of
+    posts through the media uploader.
 
 * Wed Jan 04 2012 'Matěj Cepl <mcepl@redhat.com>' - 3.3.1-1
 - Security (XSS) and maintenance upstream release.