Update CHANGELOG.md for 12.3.7

[ci skip]

Update CHANGELOG.md for 12.3.7
[ci skip]
7278d3f1 · GitLab Release Tools Bot · dfac6800 · 7278d3f1 · dfac6800 · dfac6800
9 changed file
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -735,6 +735,21 @@ entry.
 - Remove Postgresql specific setup tasks and move to schema.rb.
+## 12.3.7
+### Security (9 changes)
+- Check permissions before showing a forked project's source.
+- Encrypt application setting tokens.
+- Update Workhorse and Gitaly to fix a security issue.
+- Hide commit counts from guest users in Cycle Analytics.
+- Limit potential for DNS rebind SSRF in chat notifications.
+- Fix 500 error caused by invalid byte sequences in links.
+- Ensure are cleaned by ImportExport::AttributeCleaner.
+- Remove notes regarding Related Branches from Issue activity feeds for guest users.
+- Escape namespace in label references to prevent XSS.
 ## 12.3.4
 ### Fixed (2 changes)

--- a/changelogs/unreleased/security-28802-respect-fork-parent-visibility-ee.yml
+++ b/changelogs/unreleased/security-28802-respect-fork-parent-visibility-ee.yml
---
-title: Check permissions before showing a forked project's source
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-2943-encrypt-plaintext-tokens.yml
+++ b/changelogs/unreleased/security-2943-encrypt-plaintext-tokens.yml
---
-title: Encrypt application setting tokens
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-ag-cycle-analytics-guest-permissions.yml
+++ b/changelogs/unreleased/security-ag-cycle-analytics-guest-permissions.yml
---
-title: Hide commit counts from guest users in Cycle Analytics.
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-dns-rebind-ssrf-in-slack-notifications.yml
+++ b/changelogs/unreleased/security-dns-rebind-ssrf-in-slack-notifications.yml
---
-title: Limit potential for DNS rebind SSRF in chat notifications
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-dos-issue-and-commit-comments-master.yml
+++ b/changelogs/unreleased/security-dos-issue-and-commit-comments-master.yml
---
-title: Fix 500 error caused by invalid byte sequences in links
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-exclude_ids_attribute_cleaning.yml
+++ b/changelogs/unreleased/security-exclude_ids_attribute_cleaning.yml
---
-title: Ensure are cleaned by ImportExport::AttributeCleaner
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-filter-related-branches-from-activity-feed.yml
+++ b/changelogs/unreleased/security-filter-related-branches-from-activity-feed.yml
---
-title: Remove notes regarding Related Branches from Issue activity feeds for guest
-  users
-merge_request:
-author:
-type: security
--- a/changelogs/unreleased/security-fix-xss-in-label-namespace.yml
+++ b/changelogs/unreleased/security-fix-xss-in-label-namespace.yml
---
-title: Escape namespace in label references to prevent XSS
-merge_request:
-author:
-type: security