Update CHANGELOG.md for 13.7.2-ee

[ci skip]

CHANGELOG.md

@@ -2,6 +2,19 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
+## 13.7.2 (2021-01-07)
+
+### Security (7 changes)
+
+- Forbid public cache for private repos.
+- Deny implicit flow for confidential apps.
+- Update NuGet regular expression to protect against ReDoS.
+- Fix regular expression backtracking issue in package name validation.
+- Fix stealing API token from GitLab Pages and DoS Prometheus through GitLab Pages.
+- Update trusted OAuth applications to set them as confidential.
+- Upgrade Workhorse to 8.58.2.
+
+
 ## 13.7.1 (2020-12-23)
 ### Fixed (1 change)

changelogs/unreleased/security-id-forbid-public-cache-for-private-repos.yml

----
-title: Forbid public cache for private repos
-merge_request:
-author:
-type: security

changelogs/unreleased/security-implicit-confidential.yml

----
-title: Deny implicit flow for confidential apps
-merge_request:
-author:
-type: security

changelogs/unreleased/security-nuget-regex-update-redos.yml

----
-title: Update NuGet regular expression to protect against ReDoS
-merge_request:
-author:
-type: security

changelogs/unreleased/security-package-regex-dos.yml

----
-title: Fix regular expression backtracking issue in package name validation
-merge_request:
-author:
-type: security

changelogs/unreleased/security-pages-1-33.yml

----
-title: Fix stealing API token from GitLab Pages and DoS Prometheus through GitLab Pages
-merge_request:
-author:
-type: security

changelogs/unreleased/security-trusted-confidential-apps.yml

----
-title: Update trusted OAuth applications to set them as confidential
-merge_request:
-author:
-type: security

changelogs/unreleased/security-workhorse-prometheus-13-7.yml

----
-title: Upgrade Workhorse to 8.58.2
-merge_request:
-author:
-type: security