Update CHANGELOG.md for 11.9.2

[ci skip]

9 files changed, 14 insertions, 40 deletions

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ca52a3a7444..6a97044779c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,20 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 11.9.2 (2019-03-26)
+
+### Security (8 changes)
+
+- Disallow guest users from accessing Releases.
+- Fix PDF.js vulnerability.
+- Hide "related branches" when user does not have permission.
+- Fix XSS in resolve conflicts form.
+- Added rake task for removing EXIF data from existing uploads.
+- Return cached languages if they've been detected before.
+- Disallow updating namespace when updating a project.
+- Use UntrustedRegexp for matching refs policy.
+
+
 ## 11.9.1 (2019-03-25)
 
 ### Fixed (7 changes)
diff --git a/changelogs/unreleased/disallow-guests-to-access-releases.yml b/changelogs/unreleased/disallow-guests-to-access-releases.yml
deleted file mode 100644
index f2d518108d2..00000000000
--- a/changelogs/unreleased/disallow-guests-to-access-releases.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Disallow guest users from accessing Releases
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-55503-fix-pdf-js-vulnerability.yml b/changelogs/unreleased/security-55503-fix-pdf-js-vulnerability.yml
deleted file mode 100644
index e5d0cd4fee1..00000000000
--- a/changelogs/unreleased/security-55503-fix-pdf-js-vulnerability.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix PDF.js vulnerability
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-56224.yml b/changelogs/unreleased/security-56224.yml
deleted file mode 100644
index a4e274e6ca5..00000000000
--- a/changelogs/unreleased/security-56224.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Hide "related branches" when user does not have permission
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-56927-xss-resolve-conflicts-branch-name.yml b/changelogs/unreleased/security-56927-xss-resolve-conflicts-branch-name.yml
deleted file mode 100644
index f92d2c0dcb1..00000000000
--- a/changelogs/unreleased/security-56927-xss-resolve-conflicts-branch-name.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix XSS in resolve conflicts form
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-exif-migration.yml b/changelogs/unreleased/security-exif-migration.yml
deleted file mode 100644
index cc529099df5..00000000000
--- a/changelogs/unreleased/security-exif-migration.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Added rake task for removing EXIF data from existing uploads.
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-id-potential-denial-languages.yml b/changelogs/unreleased/security-id-potential-denial-languages.yml
deleted file mode 100644
index 2194ecb97dc..00000000000
--- a/changelogs/unreleased/security-id-potential-denial-languages.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Return cached languages if they've been detected before
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-mass-assignment-on-project-update.yml b/changelogs/unreleased/security-mass-assignment-on-project-update.yml
deleted file mode 100644
index 93561cd91b3..00000000000
--- a/changelogs/unreleased/security-mass-assignment-on-project-update.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Disallow updating namespace when updating a project
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/use-untrusted-regexp.yml b/changelogs/unreleased/use-untrusted-regexp.yml
deleted file mode 100644
index dd7f1bcaca1..00000000000
--- a/changelogs/unreleased/use-untrusted-regexp.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Use UntrustedRegexp for matching refs policy
-merge_request:
-author:
-type: security