[ci skip] Move changelog entry for PR #5391 from 3.1.8 to 3.1.9

Apparently I forgot to cherry-pick the actual change into 3.1-stable
author: Andrey Andreev <narf@devilix.net> 2018-04-23 13:33:45 +0200
committer: Andrey Andreev <narf@devilix.net> 2018-04-23 13:33:45 +0200
commit: 0a715d6df5d6d9de8da861dccd1dd5f16e738efc (patch)
tree: 4f9918d78076905544ea8c18f3fcef598647f6fb
parent: 4dab9f8db84d5286ef1da9217af9e44771433b2f (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst
index 36f655182..d2033ac39 100644
--- a/user_guide_src/source/changelog.rst
+++ b/user_guide_src/source/changelog.rst
@@ -7,6 +7,10 @@ Version 3.1.9
 
 Release Date: Not Released
 
+- **Security**
+
+   -  Updated :doc:`URL Helper <helpers/url_helper>` function :php:func:`auto_link()` to add ``rel="noopener"`` to generated links in order to prevent tab hijacking.
+
 -  General Changes
 
    -  Updated :doc:`Query Builder <database/query_builder>` method ``limit()`` to allow ``0`` values.
@@ -24,7 +28,6 @@ Release Date: Mar 22, 2018
 
 - **Security**
 
-   -  Updated :doc:`URL Helper <helpers/url_helper>` function :php:func:`auto_link()` to add ``rel="noopener"`` to generated links in order to prevent tab hijacking.
    -  Updated :doc:`Security Library <libraries/security>` method ``xss_clean()`` to also filter JavaScript tag functions.
    -  Fixed a bug where :doc:`Security Library <libraries/security>` method ``xss_clean()`` didn't check for parentheses around JavaScript's ``document``.
author	Andrey Andreev <narf@devilix.net>	2018-04-23 13:33:45 +0200
committer	Andrey Andreev <narf@devilix.net>	2018-04-23 13:33:45 +0200
commit	0a715d6df5d6d9de8da861dccd1dd5f16e738efc (patch)
tree	4f9918d78076905544ea8c18f3fcef598647f6fb
parent	4dab9f8db84d5286ef1da9217af9e44771433b2f (diff)