From b2febb46880ad3de0e2b5ceda7330a4099fc71e9 Mon Sep 17 00:00:00 2001
From: Fabien Potencier <fabien.potencier@gmail.com>
Date: Thu, 16 Nov 2017 18:43:51 +0100
Subject: [PATCH] updated CHANGELOG for 2.8.31

---
 CHANGELOG-2.8.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/CHANGELOG-2.8.md b/CHANGELOG-2.8.md
index fe42e8d13a..626c310af4 100644
--- a/CHANGELOG-2.8.md
+++ b/CHANGELOG-2.8.md
@@ -7,6 +7,13 @@ in 2.8 minor versions.
 To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash
 To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v2.8.0...v2.8.1
 
+* 2.8.31 (2017-11-16)
+
+ * security #24995 Validate redirect targets using the session cookie domain (nicolas-grekas)
+ * security #24994 Prevent bundle readers from breaking out of paths (xabbuh)
+ * security #24993 Ensure that submitted data are uploaded files (xabbuh)
+ * security #24992 Namespace generated CSRF tokens depending of the current scheme (dunglas)
+
 * 2.8.30 (2017-11-13)
 
  * bug #24952 [HttpFoundation] Fix session-related BC break (nicolas-grekas, sroze)