diff --git a/ChangeLog.d/pkcs7-padding-side-channel-fix.txt b/ChangeLog.d/pkcs7-padding-side-channel-fix.txt index b813b84ce..c5cbc7535 100644 --- a/ChangeLog.d/pkcs7-padding-side-channel-fix.txt +++ b/ChangeLog.d/pkcs7-padding-side-channel-fix.txt @@ -2,3 +2,5 @@ Security * Fix a timing side channel in the implementation of PKCS#7 padding which would allow an attacker who can request decryption of arbitrary ciphertexts to recover the plaintext through a timing oracle attack. + Reported by Ka Lok Wu from Stony Brook University and Doria Tang from + The Chinese University of Hong Kong.
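Review bot: The Security entry that the two added "Reported by" lines complete still does not say which API or cipher mode is affected, or whether an identifier such as a CVE has been assigned, so a reader cannot tell from the ChangeLog alone whether their use of PKCS#7 padding is exposed. Consider naming the affected function(s) in the existing sentence and, if an identifier exists, placing it next to the credit. As a wording point on the context line "recover the plaintext through a timing oracle attack", calling it a timing-based padding oracle would make the entry easier to find for people searching on that term.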