diff --git a/RELNOTES b/RELNOTES
index ed566e34..2c861576 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -155,11 +155,15 @@ work on other platforms. Please report any problems and suggested fixes to
 ! A stack overflow vulnerability was fixed in dhclient that could allow
   remote attackers to execute arbitrary commands as root on the system,
   or simply terminate the client, by providing an over-long subnet-mask
-  option.
+  option.  CERT VU#410676 - CVE-2009-0692
 
 - Fixed a bug where relay agent options would never be returned when
   processing a DHCPINFORM.
 
+- Versions 3.0.x syntax with multiple name->code option definitions is now
+  supported.  Note that, similarly to 3.0.x, for by-code lookups only the
+  last option definition is used.
+
 			Changes since 4.1.0b1
 
 - A missing "else" in dhcrelay.c could have caused an interface not to
@@ -200,10 +204,6 @@ work on other platforms. Please report any problems and suggested fixes to
   one of either of those).  This resolves a bug where dual stack clients
   would not be able to regain their names after either expiration event.
 
-- Versions 3.0.x syntax with multiple name->code option definitions is now
-  supported.  Note that, similarly to 3.0.x, for by-code lookups only the
-  last option definition is used.
-
 			Changes since 4.1.0a1
 
 - Corrected list of failover state values in dhcpd man page.