diff --git a/ChangeLog.d/fix-in-cid-buffer-size.txt b/ChangeLog.d/fix-in-cid-buffer-size.txt
index c8ede1f1c8..8a6c850232 100644
--- a/ChangeLog.d/fix-in-cid-buffer-size.txt
+++ b/ChangeLog.d/fix-in-cid-buffer-size.txt
@@ -1,15 +1,4 @@
-Bugfix
-    * Fix potential buffer overflow in DTLS with MBEDTLS_SSL_DTLS_CONNECTION_ID
-      enabled leading to context corruption.
-
 Security
-    * Fix potential memory probe through non-constant time memcmp() in DTLS
-      with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled. The memory probe is possible
-      only under very specific and unlikely conditions:
-      2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
-      MBEDTLS_SSL_CONTEXT_SERIALIZATION is disabled,
-      MBEDTLS_SERVER_HELLO_RANDOM_LEN + MBEDTLS_CLIENT_HELLO_RANDOM_LEN +
-      2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
-      MBEDTLS_SSL_CONTEXT_SERIALIZATION is enabled. Those conditions are not
-      met with the default values of MBEDTLS_SSL_CID_IN_LEN_MAX and
-      MBEDTLS_SSL_CID_OUT_LEN_MAX where the two maximum lengths are equal.
+    * Fix potential heap buffer overread and overwrite in DTLS if
+      MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
+      MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.