diff --git a/crates/xcb/RUSTSEC-2021-0019.md b/crates/xcb/RUSTSEC-2021-0019.md
index de8076f..7569073 100644
--- a/crates/xcb/RUSTSEC-2021-0019.md
+++ b/crates/xcb/RUSTSEC-2021-0019.md
@@ -10,10 +10,11 @@ aliases = [
 ]
 date = "2021-02-04"
 url = "https://github.com/RustSec/advisory-db/issues/653"
+references = ["https://github.com/rust-x-bindings/rust-xcb/issues/78", "https://github.com/rust-x-bindings/rust-xcb/issues/94", "https://github.com/rust-x-bindings/rust-xcb/issues/95", "https://github.com/rust-x-bindings/rust-xcb/issues/96"]
 categories = ["memory-corruption", "memory-exposure"]
 
 [versions]
-patched = []
+patched = [">= 1.0"]
 ```
 
 # Multiple soundness issues
@@ -26,7 +27,7 @@ X11 server without any validity checks. The X11 server only prevents interior
 null bytes, but otherwise allows any X11 client to create an atom for arbitrary
 bytes.
 
-This issue is tracked here: https://github.com/rtbo/rust-xcb/issues/96
+This issue is tracked here: https://github.com/rust-x-bindings/rust-xcb/issues/96
 
 ## `xcb::xproto::GetPropertyReply::value()` allows arbitrary return types
 
@@ -37,7 +38,7 @@ the X11 server are interpreted as the requested type.
 The users of the `xcb` crate are advised to only call this function with the
 intended types. These are `u8`, `u16`, and `u32`.
 
-This issue is tracked here: https://github.com/rtbo/rust-xcb/issues/95
+This issue is tracked here: https://github.com/rust-x-bindings/rust-xcb/issues/95
 
 ## Out of bounds read in `xcb::xproto::change_property()`
 
@@ -53,7 +54,7 @@ end of the `data` slice is performed and the bytes are sent to the X11 server.
 The users of the `xcb` crate are advised to only call this function with one of
 the intended argument combinations.
 
-This issue is tracked here: https://github.com/rtbo/rust-xcb/issues/94
+This issue is tracked here: https://github.com/rust-x-bindings/rust-xcb/issues/94
 
 ## 'Safe' wrapper around `std::mem::transmute()`
 
@@ -69,4 +70,4 @@ X11 events are mostly always 32 bytes large and this function works as intended.
 Users are advised to only cast to the event structs provided by the `xcb` crate
 (and hope for the best).
 
-This issue is tracked here: https://github.com/rtbo/rust-xcb/issues/78
+This issue is tracked here: https://github.com/rust-x-bindings/rust-xcb/issues/78