The change log looks a bit off. Can you add the Bugzilla reference to the top level bullet point (the one with the patch file name) and make the details ("websocket: Limit maximum uncompressed frame length to 8MiB") an indented bullet point under the top level bullet point? I for one usually put the patch's subject in that detail line since the length available for the file name truncates it more often than not. See https://build.opensuse.org/request/show/891340 for a formatting example.