CHANGELOG.md in activesupport-7.0.2.3 vs CHANGELOG.md in activesupport-7.0.2.4

- old
+ new

@@ -1,4 +1,13 @@
+## Rails 7.0.2.4 (April 26, 2022) ##
+
+*   Fix and add protections for XSS in `ActionView::Helpers` and `ERB::Util`.
+
+    Add the method `ERB::Util.xml_name_escape` to escape dangerous characters
+    in names of tags and names of attributes, following the specification of XML.
+
+    *Álvaro Martín Fraguas*
+
 ## Rails 7.0.2.3 (March 08, 2022) ##
 
 *   No changes.
 
 