CHANGELOG.md in launchdarkly-server-sdk-5.5.9 vs CHANGELOG.md in launchdarkly-server-sdk-5.5.10

- old
+ new

@@ -1,8 +1,12 @@ # Change log All notable changes to the LaunchDarkly Ruby SDK will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org). +## [5.5.10] - 2019-07-24 +### Fixed: +- `FileDataSource` was using `YAML.load`, which has a known [security vulnerability](https://trailofbits.github.io/rubysec/yaml/index.html). This has been changed to use `YAML.safe_load`, which will refuse to parse any files that contain the `!` directives used in this type of attack. This issue does not affect any applications that do not use `FileDataSource` (which is meant for testing purposes, not production use). ([#139](https://github.com/launchdarkly/ruby-server-sdk/issues/139)) + ## [5.5.9] - 2019-07-23 ### Fixed: - Due to the gem name no longer being the same as the `require` name, Bundler autoloading was no longer working in versions 5.5.7 and 5.5.8 of the SDK. This has been fixed. (Thanks, [tonyta](https://github.com/launchdarkly/ruby-server-sdk/pull/137)!) ## [5.5.8] - 2019-07-11
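Review bot: The new 5.5.10 entry says `YAML.safe_load` "will refuse to parse any files that contain the `!` directives" but does not say what a `FileDataSource` user observes when a file is refused, or that a test data file which loaded under `YAML.load` may now be rejected. Since this ships in a patch release, consider adding one sentence on the visible behaviour for an affected file (error raised or logged, file skipped) and what to change in the file. It would also help to name the vulnerability class in the entry text rather than only behind the "security vulnerability" link, so the changelog stays self-explanatory if that external page moves.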