Update CHANGELOG.md for 13.6.4-ee

[ci skip]

CHANGELOG.md

@@ -2,6 +2,19 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
+## 13.6.4 (2021-01-07)
+
+### Security (7 changes)
+
+- Forbid public cache for private repos.
+- Deny implicit flow for confidential apps.
+- Update NuGet regular expression to protect against ReDoS.
+- Fix regular expression backtracking issue in package name validation.
+- Upgrade GitLab Pages to 1.30.2.
+- Update trusted OAuth applications to set them as confidential.
+- Upgrade Workhorse to 8.54.2.
+
+
 ## 13.6.3 (2020-12-10)
 ### Fixed (5 changes)

changelogs/unreleased/security-id-forbid-public-cache-for-private-repos.yml

----
-title: Forbid public cache for private repos
-merge_request:
-author:
-type: security

changelogs/unreleased/security-implicit-confidential.yml

----
-title: Deny implicit flow for confidential apps
-merge_request:
-author:
-type: security

changelogs/unreleased/security-nuget-regex-update-redos.yml

----
-title: Update NuGet regular expression to protect against ReDoS
-merge_request:
-author:
-type: security

changelogs/unreleased/security-package-regex-dos.yml

----
-title: Fix regular expression backtracking issue in package name validation
-merge_request:
-author:
-type: security

changelogs/unreleased/security-pages-1-30-1.yml

----
-title: Upgrade GitLab Pages to 1.30.2
-merge_request:
-author:
-type: security

changelogs/unreleased/security-trusted-confidential-apps.yml

----
-title: Update trusted OAuth applications to set them as confidential
-merge_request:
-author:
-type: security

changelogs/unreleased/security-workhorse-prometheus-13-6.yml

----
-title: Upgrade Workhorse to 8.54.2
-merge_request:
-author:
-type: security