diff --git a/changelog.txt b/changelog.txt
index 7ad3b0e2..8d40e46a 100644
--- a/changelog.txt
+++ b/changelog.txt
@@ -64,6 +64,7 @@ Fixed in develop branch for release v1.8.0:
 - General:  (infojunkie)      Work Item GH-276  - Convert properties to string in OOCalc reader
 - Security: (maartenba)       Work Item GH-322  - Disable libxml external entity loading by default.
                                                   This is to prevent XML External Entity Processing (XXE) injection attacks (see http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html for an explanation of XXE injection).
+                                                  Reference CVE-2014-2054
 
 
 Fixed in develop branch for release v1.7.9: