diff --git a/CHANGELOG b/CHANGELOG index 69a4a30d3..90d9ae0d8 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -57,6 +57,22 @@ o [NSE] Added the afp-serverinfo script that gets a hostname, IP contributed by Andrew Orr and were subsequently enhanced by Patrik and David. +o Performed a large OS detection integration run. The database has + grown to 2,608 fingerprints (an increase of 262) and many of the + existing fingerprints were improved. These include the Apple iPad + and Cisco IOS 15.X devices. We also received many fingerprints for + ancient Microsoft systems including MS DOS with MS Networking Client + 3.0, Windows 3.1, and Windows NT 3.1. David posted highlights of his + integration work at http://seclists.org/nmap-dev/2010/q2/283. + +o Performed a large version detection integration run. The number of + signatures has grown to 6,622 (an increase of 279). New signatures + include a remote administrative backdoor that a school famously used + to spy on students, an open source digital currency scheme named + bitcoin, and game servers for EVE Online, l2emurt Lineage II, and Frozen + Bubble. You can read David's highlights at + http://seclists.org/nmap-dev/2010/q2/385. + o UDP payloads are now stored in an external data file, nmap-payloads, instead of being hard-coded in the executable. This makes it easier to add your own payloads or disable those you find problematic. [Jay 
@@ -145,17 +161,36 @@ o Fixed the assignment of interface aliases to directly connected o [Zenmap] Added the ability to print Nmap output to a printer. [David] +o David made many improvements to the NSEDoc for individual scripts, + including adding @output sections to scripts which didn't have them. + He also improved the generated HTML with features like + auto-generating usage strings if the scripts don't include their own + and allowing the giant sidebar lists of scripts/libraries to expand + and contract. See http://nmap.org/nsedoc/. + o [NSE] Added checking for boot.ini to http-passwd.nse. [Gutek] o Added a new library, libnetutil, which contains about 2,700 lines of networking related code which is now shared between Nman and Nping (it was previously duplicated by each tool). [Luis, David] -o Combined service match lines for Oracle Enterprise Manager Agent - into one more effective line created by Matt Selsky. +o When Nmap is passed a hostname such as google.com which resolves to + several IP addresses, Nmap now prints each IP. It still only scans + the first one in the returned list. [David] -o Fixed captures in the mupdate service probe matches. This patch is - from Matt Selsky. +o Removed --interactive mode, a miniature shell whose primary purpose + was to hide command line arguments from the process list. It had + been broken (would segfault during the second scan) for at least 9 + months and was rarely used. The fact that it was broken was reported + by Juan Carlos Castro y Castro. [David] + +o Improved service detection match lines for Oracle Enterprise Manager + Agent and mupdate. [Matt Selsky] + +o Improved service detection match lines for Twisted web server, Apple + Filing Protocol, Apple Mac OS X Password Server, XAVi XG6546p + Wireless Gateway, Sun GlassFish Communications Server, and Comdasys, + SIParator and Glassfish SIP services [Patrik] o [NSE] Fixed a bug in qscan.nse which gave an error if a confidence level of 0.9995 was used. 
Thanks to Marcin Hoffmann for noticing @@ -205,6 +240,13 @@ o Added EPROTO to the list of known error codes in service scan. Daniel error)". We suspect this was caused by a forged ICMP packet sent by an active firewall. [David] +o [NSE] Made smtp-commands run for the services smtp, smtps, + submission rather than just smtp. The other smtp scripts already do + this. [David] + +o Made a list of Nmap SVN commiters: + http://nmap.org/svn/docs/committers.txt + o [NSE] The dns-recursion script now marks the port as open when it gets a response. [Olivier M] @@ -212,11 +254,16 @@ o [NSE] Improved smtp-commands.nse to work against more mail servers, made it take an smtp-commands.domain script argument, and rewrote it in the style of other smtp scripts. [Jason DePriest] +o Sped up compilation by not building both shared and static libdnet + libraries--we only use the static one. [David] + o [NSE] Improved error handling and reporting and re-designed communication class in RPC library with patch from Djalal Harouni. [Patrik] o Upgraded the included libpcap to version 1.1.1. [David] +o Updated nmap-mac-prefixes to the latest IEEE data as of 2010-07-13. + o [NSE] Add some special use IPv4 addresses to isPrivate which are described in RFC 5736 and RFC 5737, published in Jan 2010. Improve performance of isPrivate for IPv4 addresses by using ip_in_range 
@@ -225,6 +272,14 @@ o [NSE] Add some special use IPv4 addresses to isPrivate which are string representing the special use assignment in which the supplied address is located. [jah] +o Fix compilation on Opensolaris by making the Autoconf check for + PF_PACKET in our libdnet Linux-specific. Recent versions of + OpenSolaris support PF_PACKET, but not in an entirely compatible way + with the Linux approach. Problem reported by Darren Reed. [David] + +o Improved our brute force password guessing list with some data sent + in by Solar Designer of John the Ripper fame. + o [NSE] Added script arguments "username" and "password" to ftp-bounce to override the default anonymous:IEUser@ login combination. [Kris] 
@@ -237,17 +292,38 @@ o [NSE] Added port number sorting to dns-service-discovery.nse. [Patrik] o [NSE] Added an snmpWalk() function to the SNMP library and updated scripts to use it. [Patrik] +o [NSE] Fixed this dns.lua error reported by Eugene Alexeev: + nselib/dns.lua:110: attempt to get length of field 'dtype' (a number value) + [Jah] + o Updated IANA IP address space assignment list for random IP (-iR) generation. [Kris] +o Created a new directory for storing todo lists for Nmap and related + projects. You can see what we're working on and planning by + visiting http://nmap.org/svn/todo/. + +o [NSE] Removed explicit timelimit checking from ms-sql-brute, + pgsql-brute, mysql-brute, ldap-brute, and afp-brute. The unpwdb + library does this automatically now. [David] + o [NSE] Added UDP header parsing support to packet.lua. [jah] +o Fixed a bug in libpcap which lead to Nmap hanging forever in some + cases on 64-bit Mac OS X 10.6, 10.6.1, and 10.6.3. The fix was + actually already available in upstream libpcap, just not released. + We also had to make Nmap build with its own libpcap on 64-bit OS X + if an already-installed system libpcap has this bug. [David] + o [NSE] Correct global access errors in afp.lua reported by Patrick Donnelly [Patrik] o [NSE] Correct misspelled "Capabilities.IgnoreSpaceBeforeParanthesis" name in the MySQL library. [Kris] +o Normalized a bunch of version detection entries with "webserver" in + the description. In most cases this was changed to "httpd". + o [Ncat] Fixed the --crlf option not to insert an extra \r byte in the case that one system read ends with \r and the next begins with \n (should be rare). [David] 
@@ -256,12 +332,6 @@ o [NSE] Fixed bug in rpc.lua library that incorrectly required file handles to be 32 octects when calling the ReadDir function. The bug was reported by Djalal Harouni. [Patrik] -o Removed --interactive mode, a miniature shell whose primary purpose - was to hide command line arguments from the process list. It had - been broken (would segfault during the second scan) for at least 9 - months and was rarely used. The fact that it was broken was reported - by Juan Carlos Castro y Castro. [David] - Nmap 5.30BETA1 [2010-03-29] o [NSE] Added 37 scripts, bringing the total to 117! They are
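Review bot: in the @@ -57 hunk, the version detection entry describes one new signature only as "a remote administrative backdoor that a school famously used to spy on students" without naming the product the signature actually matches, so a reader cannot locate it in nmap-service-probes or check what ports it fires on; name the service the way the same sentence does for bitcoin, EVE Online and Frozen Bubble. The fingerprint and signature counts ("2,608 (an increase of 262)", "6,622 (an increase of 279)") should be double-checked against the committed nmap-os-db and nmap-service-probes before the release, since nothing in this patch lets a reviewer verify them.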
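Review bot: in the @@ -145 hunk, collapsing the two Matt Selsky entries into "Improved service detection match lines for Oracle Enterprise Manager Agent and mupdate." drops the detail that the mupdate change "Fixed captures in the mupdate service probe matches"; a capture fix changes the version strings Nmap reports, which is worth keeping in the note. The "Removed --interactive mode" entry added here is the same text deleted at the end of the section in the @@ -256 hunk, so this is a move, and the patch description should say so. Two smaller points on the lines this hunk touches: the unchanged context line "shared between Nman and Nping" has a typo ("Nmap"), and the Patrik entry ending "and Glassfish SIP services [Patrik]" is missing its terminating period, unlike every neighbouring entry.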
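Review bot: in the @@ -205 hunk, "Made a list of Nmap SVN commiters:" misspells "committers" (the linked file is already named committers.txt). The smtp-commands entry is clear, but for consistency with the surrounding entries it would help to say the portrule now matches on service names, i.e. "smtp, smtps, submission", rather than fixed port numbers, since that is what decides whether the script runs against a non-standard port.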
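Review bot: in the @@ -212 hunk, the entry "Updated nmap-mac-prefixes to the latest IEEE data as of 2010-07-13." has no bracketed attribution, while every other entry in this file credits a contributor; add one. Style: "shared and static libdnet libraries--we only use the static one" uses a double hyphen as a dash; the rest of the file phrases such asides as a separate sentence, e.g. "Only the static library is used."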
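Review bot: in the @@ -225 hunk, "Opensolaris" and "OpenSolaris" are both used within one entry; use "OpenSolaris" throughout. The entry "Improved our brute force password guessing list with some data sent in by Solar Designer" lacks a bracketed attribution for who integrated the data and does not name the file that changed, whereas the neighbouring entries name nmap-payloads and nmap-mac-prefixes; naming the list file matters here because users who maintain their own password lists for the brute scripts need to know which file to merge.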
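Review bot: in the @@ -237 hunk, "which lead to Nmap hanging forever" should read "led to", and "timelimit" should be "time limit". The attribution "[Jah]" on the dns.lua entry is capitalized differently from "[jah]" on the packet.lua entry in the same hunk; pick one spelling. The "Normalized a bunch of version detection entries" entry has no attribution. The libpcap entry says the fix "was actually already available in upstream libpcap, just not released" but cites no upstream commit or version; a pointer would let packagers on 64-bit OS X 10.6 judge whether their system libpcap carries the bug, which is exactly the decision the build change described in the next sentence makes for them.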
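Review bot: in the @@ -256 hunk, the deleted "--interactive" entry reappears verbatim in the @@ -145 hunk, so this is a relocation rather than a dropped release note; the patch description should state that, because a reader of this hunk alone will assume the note was removed. Since the entry itself says the mode's "primary purpose was to hide command line arguments from the process list", the relocated note could also tell users who relied on that behaviour that no replacement is provided, so they can plan for it.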