diff --git a/ChangeLog b/ChangeLog
index 618df3c3df..87c8e21255 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Sat Sep 13 11:13:18 2008  Shugo Maeda  <shugo@ruby-lang.org>
+
+	* NEWS: added an entry for REXML.
+
+	* lib/rexml/document.rb: fixed typo.
+
 Sat Sep 13 11:05:38 2008  Shugo Maeda  <shugo@ruby-lang.org>
 
 	* lib/rexml/document.rb: limit entity expansion.  Thanks, Luka
diff --git a/NEWS b/NEWS
index dc391b2b1e..39223610fd 100644
--- a/NEWS
+++ b/NEWS
@@ -49,6 +49,15 @@ with all sufficient information, see the ChangeLog file.
     * raise an exception not returns nil for invalid feed making.
     * requires block.
 
+* REXML
+
+  * REXML::Document.entity_expansion_limit=
+
+    New method to set the entity expansion limit. By default the limit is
+    set to 10000.  See the following URL for details.
+
+    http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/
+
 == Changes since the 1.8.6 release
 
 === Configuration changes
diff --git a/lib/rexml/document.rb b/lib/rexml/document.rb
index 11fd0647bf..3d1300a06b 100644
--- a/lib/rexml/document.rb
+++ b/lib/rexml/document.rb
@@ -203,12 +203,12 @@ module REXML
 
     @@entity_expansion_limit = 10_000
 
-    # Set the entity expansion limit. By defualt the limit is set to 10000.
+    # Set the entity expansion limit. By default the limit is set to 10000.
     def Document::entity_expansion_limit=( val )
       @@entity_expansion_limit = val
     end
 
-    # Get the entity expansion limit. By defualt the limit is set to 10000.
+    # Get the entity expansion limit. By default the limit is set to 10000.
     def Document::entity_expansion_limit
       return @@entity_expansion_limit
     end