Update CHANGELOG.md for 11.7.8

[ci skip]

CHANGELOG.md

@@ -2,6 +2,19 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 11.7.8 (2019-03-26)
+
+### Security (7 changes)
+
+- Disallow guest users from accessing Releases.
+- Fix PDF.js vulnerability.
+- Hide "related branches" when user does not have permission.
+- Fix XSS in resolve conflicts form.
+- Added rake task for removing EXIF data from existing uploads.
+- Disallow updating namespace when updating a project.
+- Use UntrustedRegexp for matching refs policy.
+
+
 ## 11.7.7 (2019-03-19)
 
 ### Security (2 changes)

changelogs/unreleased/disallow-guests-to-access-releases.yml

----
-title: Disallow guest users from accessing Releases
-merge_request:
-author:
-type: security

changelogs/unreleased/security-55503-fix-pdf-js-vulnerability.yml

----
-title: Fix PDF.js vulnerability
-merge_request:
-author:
-type: security

changelogs/unreleased/security-56224.yml

----
-title: Hide "related branches" when user does not have permission
-merge_request:
-author:
-type: security

changelogs/unreleased/security-56927-xss-resolve-conflicts-branch-name.yml

----
-title: Fix XSS in resolve conflicts form
-merge_request:
-author:
-type: security

changelogs/unreleased/security-exif-migration.yml

----
-title: Added rake task for removing EXIF data from existing uploads.
-merge_request:
-author:
-type: security

changelogs/unreleased/security-mass-assignment-on-project-update.yml

----
-title: Disallow updating namespace when updating a project
-merge_request:
-author:
-type: security

changelogs/unreleased/use-untrusted-regexp.yml

----
-title: Use UntrustedRegexp for matching refs policy
-merge_request:
-author:
-type: security