Update CHANGELOG.md for 13.9.5-ee

[ci skip]

Update CHANGELOG.md for 13.9.5-ee
[ci skip]
aec45d06 · GitLab Release Tools Bot · f84ce555 · aec45d06
Commit aec45d06 authored Mar 31, 2021 by GitLab Release Tools Bot
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 0 deletions

CHANGELOG.md CHANGELOG.md +22 -0

No files found.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -551,6 +551,28 @@ entry.
 - Convert mattermost alert to pajamas. !56556


+## 13.9.5 (2021-03-31)
+
+### Security (6 changes)
+
+- Leave pool repository on fork unlinking.
+- Fixed XSS in merge requests sidebar.
+- Fix arbitrary read/write in AsciiDoctor and Kroki gems.
+- Prevent infinite loop when checking if collaboration is allowed.
+- Disable arbitrary URI and file reads in JSON validator.
+- Require POST request to trigger system hooks.
+
+### Removed (1 change)
+
+- Make HipChat project service do nothing. !57434
+
+### Other (3 changes)
+
+- Remove direct mimemagic dependency. !57387
+- Refactor MimeMagic calls to new MimeType class. !57421
+- Switch to using a fake mimemagic gem. !57443
+
+
 ## 13.9.4 (2021-03-17)

 ### Security (1 change)