diff --git a/README.md b/README.md
index b18945c..8e31a2a 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@ Self-learning project for terraform
 
 1. Setup DigitalOcean
 2. Add DO infrastructure via ansible
-3. Add traefik for proper proxying
+3. ~Add traefik for proper proxying~
 
 # Security Headers note
 
@@ -26,11 +26,20 @@ The following security headers are applied using traefik on all traefik frontend
 - Redirect HTTP->HTTPS
 - contentTypeNosniff: true
 - browserXSSFilter: true
-- XFO: Allow-From muximux
-- referrerPolicy: no-referrer
+- XFO: Allow-From muximux (TODO)
+- referrerPolicy: no-referrer (TODO)
 - X-Powered-By: Allomancy
 - X-Server: BlackBox
-- X-Clacks-Overhead "GNU Terry Pratchett"
+- X-Clacks-Overhead "GNU Terry Pratchett" (TODO)
 
+Currently waiting on traefik 1.5.0-rc2 to fix security specific headers issue (marked as TODO above).
 
-Currently waiting on traefik 1.5.0-rc2 to fix security specific headers issue.
+## Upstream
+
+Issues I've faced/reported as a result of this project:
+
+1. Airsonic HTTPS proxying is broken. Reported: https://github.com/airsonic/airsonic/issues/641
+2. Traefik docker backend security headers were broken with dashes. Reported at https://github.com/containous/traefik/issues/2493, and fixed by https://github.com/containous/traefik/pull/2496
+3. Headphones dies repeatedly with no error logs. Yet-to-report.
+4. Terraform doesn't parse mariadb version numbers. Report: https://github.com/terraform-providers/terraform-provider-mysql/issues/6. Got this fixed myself by filing a PR: https://github.com/hashicorp/go-version/pull/34
+5. elibsrv didn't support ebook-convert, only mobigen. PR is at https://github.com/captn3m0/elibsrv/pull/1. I've to get this merged upstream for the next release.