diff --git a/CHANGES.rst b/CHANGES.rst
index 8da5e0dbf6..cc40855387 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -4,8 +4,8 @@ Changes in synapse v0.28.1 (2018-05-01)
 SECURITY UPDATE
 
 * Clamp the allowed values of event depth received over federation to be
-  [0, 2**63 - 1].  This mitigates an attack where malicious events
-  injected with depth = 2**63 - 1 render rooms unusable.  Depth is used to
+  [0, 2^63 - 1].  This mitigates an attack where malicious events
+  injected with depth = 2^63 - 1 render rooms unusable.  Depth is used to
   determine the cosmetic ordering of events within a room, and so the ordering
   of events in such a room will default to using stream_ordering rather than depth
   (topological_ordering).
@@ -14,7 +14,7 @@ SECURITY UPDATE
   is being implemented to improve how the depth parameter is used.
 
   Full details at
-  https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI/edit#
+  https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI
 
 * Pin Twisted to <18.4 until we stop using the private _OpenSSLECCurve API.