From cc4805201bf79cbfc56fd89b1bef2930d7c96eff Mon Sep 17 00:00:00 2001
From: Mike Dalessio <mike.dalessio@gmail.com>
Date: Mon, 10 Feb 2020 14:18:47 -0500
Subject: [PATCH] update CHANGELOG for v1.10.8

related to #1992
---
 CHANGELOG.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f282af072e..565f971726 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -191,6 +191,12 @@ and the output from using system libraries now looks like:
       loaded: 1.1.29
 ```
 
+## 1.10.8 / 2020-02-10
+
+### Security
+
+[MRI] Pulled in upstream patch from libxml that addresses CVE-2020-7595. Full details are available in [#1992](https://github.com/sparklemotion/nokogiri/issues/1992). Note that this patch is not yet (as of 2020-02-10) in an upstream release of libxml.
+
 
 ## 1.10.7 / 2019-12-03
 
@@ -215,6 +221,7 @@ and the output from using system libraries now looks like:
 * CVE-2019-13117
 * CVE-2019-13118
 * CVE-2019-18197
+* CVE-2019-19956
 
 More details are available at [#1943](https://github.com/sparklemotion/nokogiri/issues/1943).