diff --git a/ChangeLog b/ChangeLog index 3de928d..e7f6711 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,17 @@ --------------------------------------------------------------------------- +Version 3.4.3 (stable), 2012-05-22 +- Fixed several security vulnerabilities discovered by Filippo Cavallarin. + This contains the following fixes: + - Fixed SQL Injection vulnerability in admin/view.php + - Fixed Cross Site scripting issue filter parameter on index.php + - Fixed Cross site scripting issue of id parameter on admin/reports.php + - Fixed Cross site scripting issue of id parameter on admin/searches.php +- Fixed arbitrary file read issue in Disk LogStream class. + The config.php file does now contain an array "DiskAllowed" which + contains allowed directories. Only files located within these allowed + directories can be accessed in LogAnalyzer. By default, + only /var/log is allowed. +--------------------------------------------------------------------------- Version 3.4.2 (stable), 2012-05-07 - Fixed a #bugid 303, VerifyChecksumTrigger function in logstreamdb class did not generate a lowercase triggername.
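Review bot: In the 3.4.3 entry's "Fixed arbitrary file read issue in Disk LogStream class" item, the upgrade impact is not spelled out. With "By default, only /var/log is allowed", an existing disk source that reads a file outside /var/log would presumably stop working after the upgrade, and the entry does not say how an admin adds a directory to "DiskAllowed" or what happens when an older config.php has no such array. Suggest adding a line that states the upgrade step. Smaller points in the same entry: the four fixes credited to Filippo Cavallarin carry no bug or advisory reference, whereas the 3.4.2 entry below cites "#bugid 303"; "Cross Site scripting issue filter parameter on index.php" is missing "of" and is capitalised differently from the two lines after it; and "does now contain" reads better as "now contains".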