diff --git a/CHANGELOG.md b/CHANGELOG.md
index 66f26ec..260ac54 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,9 +6,15 @@
 * Full support of TLS 1.3, shows also drafts supported
 * ROBOT check
 * Better TLS extension support
-* Better OpenSSL 1.1.1 support
+* Better OpenSSL 1.1.1 and higher versions support
 * DNS over Proxy and other proxy improvements
 * Decoding of unencrypted BIG IP cookies
+* Initial client certificate support
+* Socket timeouts (``--connect-timeout``)
+* IDN/IDN2 servername support
+* pwnedkeys.com support
+* Initial client certificate support
+* Initial support for certificate compression
 * Better JSON output: renamed IDs and findings shorter/better parsable
 * JSON output now valid also for non-responding servers
 * Testing now per default 370 ciphers
@@ -20,6 +26,7 @@
 * Check for session resumption (Ticket, ID)
 * TLS Robustness check (GREASE)
 * Server preference distinguishes between TLS 1.3 and lower protocols
+* Mark TLS 1.0 and TLS 1.1 as deprecated
 * Does a few startup checks which make later tests easier and faster (determine_optimal_\*() )
 * Expect-CT Header Detection
 * `--phone-out` does certificate revocation checks via OCSP (LDAP+HTTP) and with CRL
@@ -32,11 +39,12 @@
 * Added `--ids-friendly` switch
 * Exit codes better: 0 for running without error, 1+n for small errors, >240 for major errors.
 * Better error msg suppression (not fully installed OpenSSL)
+* Better parsing of HTTP headers & better output of longer HTTP headers
 * Dockerfile and repo @ docker hub with that file (see above)
 * Java Root CA store added
 * Better support for XMPP via STARTTLS & faster
 * Certificate check for to-name in stream of XMPP
-* Support for NNTP via STARTTLS
+* Support for NNTP via STARTTLS, fixes for MySQL and PostgresQL
 * Support for SNI and STARTTLS
 * More robustness for any STARTTLS protocol (fall back to plaintext while in TLS)
 * Major update of client simulations with self-collected data