diff --git a/CHANGELOG b/CHANGELOG
index 413c56c1..7ab5df55 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -50,8 +50,8 @@ bug report - outstanding bugs are listed here:
       patches!
 
 * pam_pwdb: Solar Designer pointed out that there was a problem with
-  the compatibility support for md5 password hashing. (Bug 460717 -
-  agmorgan)
+  the compatibility support for md5 password hashing. (Bug 460717,
+  476961 - agmorgan)
 * pam_issue: Nalin found segfaulting problems if the PAM_USER_PROMPT
   is unset, found some similar problems with assumptions about
   realloc. (Bug 476983 - agmorgan)
diff --git a/modules/pam_pwdb/pam_unix_passwd.-c b/modules/pam_pwdb/pam_unix_passwd.-c
index e0ef0917..0949af7f 100644
--- a/modules/pam_pwdb/pam_unix_passwd.-c
+++ b/modules/pam_pwdb/pam_unix_passwd.-c
@@ -236,6 +236,8 @@ static int _unix_chauthtok(pam_handle_t *pamh, unsigned int ctrl)
 	/*
 	 * By reaching here we have approved the passwords and must now
 	 * rebuild the password database file.
+	 *
+	 * This includes the fact that the password is _not_ NULL.
 	 */
 
 	/*
diff --git a/modules/pam_pwdb/support.-c b/modules/pam_pwdb/support.-c
index bbaa51ac..e6d5829d 100644
--- a/modules/pam_pwdb/support.-c
+++ b/modules/pam_pwdb/support.-c
@@ -513,6 +513,7 @@ static int _unix_verify_password(pam_handle_t *pamh, const char *name,
 
     } else {
 
+	/* there is no way that p can be NULL (one can be "") */
         pp = _pam_md(p, salt);
 
         /* the moment of truth -- do we agree with the password? */