diff --git a/changelog/unreleased/issue-189 b/changelog/unreleased/issue-189
index f60bcd5..8a9b92f 100644
--- a/changelog/unreleased/issue-189
+++ b/changelog/unreleased/issue-189
@@ -2,8 +2,8 @@ Enhancement: Support group accessible repositories
 
 Rest-server now supports making repositories accessible to the filesystem group
 by setting the `--group-accessible-repos` option. Note that permissions of
-existing files are not modified. Use `chmod -R g+rwX /path/to/repo` to make
-the repository group-accessible.
+existing files are not modified. To make an existing repository group-accessible,
+use `chmod -R g+rwX /path/to/repo`.
 
 https://github.com/restic/rest-server/issues/189
 https://github.com/restic/rest-server/pull/308
diff --git a/changelog/unreleased/pull-295 b/changelog/unreleased/pull-295
index 5ad31f3..3f93473 100644
--- a/changelog/unreleased/pull-295
+++ b/changelog/unreleased/pull-295
@@ -1,5 +1,5 @@
 Enhancement: Output status of append only mode on startup
 
-Rest-server now outputs whether append only mode has been enabled on startup.
+Rest-server now displays the status of append-only mode during startup.
 
 https://github.com/restic/rest-server/pull/295
diff --git a/changelog/unreleased/pull-307 b/changelog/unreleased/pull-307
index 2902565..38628a6 100644
--- a/changelog/unreleased/pull-307
+++ b/changelog/unreleased/pull-307
@@ -1,8 +1,10 @@
-Enhancement: Add support for proxy-based authentication
+Enhancement: Support proxy-based authentication 
 
-The server now supports authentication via a proxy header specified with the `--proxy-auth-username` flag (e.g., `--proxy-auth-username=X-Forwarded-User`).
-When this flag is set, the server will authenticate users based on the given header and disable BasicAuth.
-Note that `--proxy-auth-username` is ignored if `--no-auth` is set, as `--no-auth` disables all authentication.
+Rest-server now supports authentication via HTTP proxy headers. This feature can
+be enabled by specifying the username header using the `--proxy-auth-username`
+option (e.g., `--proxy-auth-username=X-Forwarded-User`). When enabled, the server
+authenticates users based on the specified header and disables BasicAuth.
+Note that proxy authentication is disabled when `--no-auth` is set.
 
 https://github.com/restic/rest-server/issues/174
-https://github.com/restic/rest-server/pull/307
\ No newline at end of file
+https://github.com/restic/rest-server/pull/307
diff --git a/changelog/unreleased/pull-315 b/changelog/unreleased/pull-315
index 9b36679..a9f7826 100644
--- a/changelog/unreleased/pull-315
+++ b/changelog/unreleased/pull-315
@@ -1,6 +1,7 @@
 Enhancement: Hardened tls settings
 
-rest-server now uses a secure tls cipher suit set and the minimal TLS version
-can be set with the option `--tls-min-ver`
+Rest-server now uses a secure TLS cipher suite set by default. The minimum TLS
+version is now TLS 1.2 and can be further increased using the new `--tls-min-ver`
+option, allowing users to enforce stricter security requirements.
 
 https://github.com/restic/rest-server/pull/315