Update CHANGELOG.md for 12.5.1

[ci skip]
author: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> 2019-11-26 19:12:06 +0300
committer: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> 2019-11-26 19:12:06 +0300
commit: 0994af9283ed8bcdabd3fb16d45ae8d21dd98b66 (patch)
tree: dc9b8338357932d5b4bf3598e52abf70e603394b /CHANGELOG.md
parent: 1bc5f5c4a35e186c94c7b1efecec9425661cbff6 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a4efa33eed7..59fb71c3245 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,20 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 12.5.1
+
+### Security (8 changes)
+
+- Check permissions before showing a forked project's source.
+- Encrypt application setting tokens.
+- Update Workhorse and Gitaly to fix a security issue.
+- Hide commit counts from guest users in Cycle Analytics.
+- Limit potential for DNS rebind SSRF in chat notifications.
+- Ensure are cleaned by ImportExport::AttributeCleaner.
+- Remove notes regarding Related Branches from Issue activity feeds for guest users.
+- Escape namespace in label references to prevent XSS.
+
+
 ## 12.5.0
 
 ### Security (15 changes)
author	GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>	2019-11-26 19:12:06 +0300
committer	GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>	2019-11-26 19:12:06 +0300
commit	0994af9283ed8bcdabd3fb16d45ae8d21dd98b66 (patch)
tree	dc9b8338357932d5b4bf3598e52abf70e603394b /CHANGELOG.md
parent	1bc5f5c4a35e186c94c7b1efecec9425661cbff6 (diff)