Update CHANGELOG.md for 11.11.5

[ci skip]

Update CHANGELOG.md for 11.11.5
[ci skip]
a0cf5c68 · GitLab Release Tools Bot · 1c320888 · a0cf5c68 · 1c320888 · 1c320888
Commit a0cf5c68 authored Jun 27, 2019 by GitLab Release Tools Bot
11 changed files
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,22 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.

+## 11.11.5 (2019-06-27)
+
+### Security (10 changes)
+
+- Disable Rails SQL query cache when applying service templates. !30060
+- Add missing authorizations in GraphQL.
+- Fix DoS vulnerability in color validation regex.
+- Expose merge requests count based on user access.
+- Fix Denial of Service for comments when rendering issues/MR comments.
+- Gate MR head_pipeline behind read_pipeline ability.
+- Prevent Billion Laughs attack.
+- Correctly check permissions when creating snippet notes.
+- Prevent the detection of merge request templates by unauthorized users.
+- Persist tmp snippet uploads at users.
+
+
 ## 11.11.4 (2019-06-26)

 ### Fixed (3 changes)

--- a/changelogs/unreleased/osw-persist-tmp-snippet-uploads.yml
+++ b/changelogs/unreleased/osw-persist-tmp-snippet-uploads.yml
---
-title: Persist tmp snippet uploads at users
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-11-11-mr-head-pipeline-leak.yml
+++ b/changelogs/unreleased/security-11-11-mr-head-pipeline-leak.yml
---
-title: Gate MR head_pipeline behind read_pipeline ability.
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-2858-fix-color-validation.yml
+++ b/changelogs/unreleased/security-2858-fix-color-validation.yml
---
-title: Fix DoS vulnerability in color validation regex
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-59581-related-merge-requests-count.yml
+++ b/changelogs/unreleased/security-59581-related-merge-requests-count.yml
---
-title: Expose merge requests count based on user access
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-DOS_issue_comments_banzai.yml
+++ b/changelogs/unreleased/security-DOS_issue_comments_banzai.yml
---
-title: Fix Denial of Service for comments when rendering issues/MR comments
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-bvl-enforce-graphql-type-authorization.yml
+++ b/changelogs/unreleased/security-bvl-enforce-graphql-type-authorization.yml
---
-title: Add missing authorizations in GraphQL
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-fp-prevent-billion-laughs-attack.yml
+++ b/changelogs/unreleased/security-fp-prevent-billion-laughs-attack.yml
---
-title: Prevent Billion Laughs attack
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-notes-in-private-snippets.yml
+++ b/changelogs/unreleased/security-notes-in-private-snippets.yml
---
-title: Correctly check permissions when creating snippet notes
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-prevent-detection-of-merge-request-template-name.yml
+++ b/changelogs/unreleased/security-prevent-detection-of-merge-request-template-name.yml
---
-title: Prevent the detection of merge request templates by unauthorized users
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/sh-service-template-bug.yml
+++ b/changelogs/unreleased/sh-service-template-bug.yml
---
-title: Disable Rails SQL query cache when applying service templates
-merge_request: 30060
-author:
-type: security