diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1a2e3026..fda0ba42 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,16 @@
 # Changelog
 
+## 1.0.15 - 2019-03-10
+
+- SFTP: make it so get() can correctly handle out of order responses (#1343)
+- Crypt: avoid bogus IV errors in ECB mode with OpenSSL (#1087)
+- RSA: protect against possible timing attack during OAEP decryption
+- RSA: fix possible memory leak with XML keys (#1346)
+- Hash: fix issues with the mode
+- SCP: issue error if remote_file is empty in put() call (#1335)
+- X509: whitelist OID 1.3.6.1.4.1.11129.2.4.2 (#1341)
+
+
 ## 1.0.14 - 2019-01-27
 
 - SSH2: ssh-rsa is sometimes incorrectly used instead of rsa-sha2-256 (#1331)
diff --git a/README.md b/README.md
index b748da6e..915f9dc9 100644
--- a/README.md
+++ b/README.md
@@ -37,7 +37,7 @@ AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509
 * Composer compatible (PSR-0 autoloading)
 * Install using Composer: `composer require phpseclib/phpseclib ~1.0`
 * Install using PEAR: See [phpseclib PEAR Channel Documentation](http://phpseclib.sourceforge.net/pear.htm)
-* [Download 1.0.14 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.14.zip/download)
+* [Download 1.0.15 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.15.zip/download)
 
 ## Support