diff --git a/content/posts/CVE-2019-19844/index.md b/content/posts/CVE-2019-19844/index.md index 08f60dd..d612d4b 100644 --- a/content/posts/CVE-2019-19844/index.md +++ b/content/posts/CVE-2019-19844/index.md @@ -99,9 +99,8 @@ Now this isn't a bash on PostgreSQL, what they're doing is definitely correct, a Back on topic, CVE-2019-19844. As I said, the patch to Django was in 2 parts: Fixing unicode comparisons, and fixing user input. -> 1. After retrieving a list of potentially-matching accounts from the database, Django's password reset functionality now also checks the email address for equivalence in Python, using the recommended identifier-comparison process from -> 2. Unicode Technical Report 36, section 2.11.2(B)(2). -When generating password-reset emails, Django now sends to the email address retrieved from the database, rather than the email address submitted in the password-reset request form. +> 1. After retrieving a list of potentially-matching accounts from the database, Django's password reset functionality now also checks the email address for equivalence in Python, using the recommended identifier-comparison process from Unicode Technical Report 36, section 2.11.2(B)(2). +> 2. When generating password-reset emails, Django now sends to the email address retrieved from the database, rather than the email address submitted in the password-reset request form. The exact patch can be seen [on GitHub](https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70), and the split can be seen quite nicely.
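Review bot: the two-point `>` quote that this hunk reflows still carries no attribution, so after the fix the reader sees a numbered quotation with no stated source; add a line naming where the two points are quoted from (the sentence that follows only links the GitHub commit, not the text being quoted). Also, the unchanged context line summarizes the second part as "fixing user input", whereas the quoted point 2 says something more specific, that the reset mail now goes to "the email address retrieved from the database, rather than the email address submitted in the password-reset request form"; consider tightening the summary to "sending to the stored address instead of the submitted one" so it matches the quote it introduces.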