diff --git a/ChangeLog b/ChangeLog
index 31b2c15ef..079661d4a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -41,15 +41,15 @@ Features
      curves and no longer needs to be configured explicitly to save RAM.
 
 Security
-* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM)
-  private keys and of blinding values for DHM and elliptic curves (ECP)
-  computations. Reported by FlorianF89 in #4245.
-* Fix a potential side channel vulnerability in ECDSA ephemeral key generation.
-  An adversary who is capable of very precise timing measurements could
-  learn partial information about the leading bits of the nonce used for the
-  signature, allowing the recovery of the private key after observing a
-  large number of signature operations. This completes a partial fix in
-  Mbed TLS 2.20.0.
+   * Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM)
+     private keys and of blinding values for DHM and elliptic curves (ECP)
+     computations. Reported by FlorianF89 in #4245.
+   * Fix a potential side channel vulnerability in ECDSA ephemeral key generation.
+     An adversary who is capable of very precise timing measurements could
+     learn partial information about the leading bits of the nonce used for the
+     signature, allowing the recovery of the private key after observing a
+     large number of signature operations. This completes a partial fix in
+     Mbed TLS 2.20.0.
    * It was possible to configure MBEDTLS_ECP_MAX_BITS to a value that is
      too small, leading to buffer overflows in ECC operations. Fail the build
      in such a case.