Update CHANGELOG for 8.6.5, 8.5.10, 8.4.8, and 8.3.7

[ci skip]

CHANGELOG

@@ -33,9 +33,14 @@ v 8.7.0 (unreleased)
   - ClosingIssueExtractor regex now also works with colons. e.g. "Fixes: #1234" !3591
   - Update number of Todos in the sidebar when it's marked as "Done". !3600
 
-v 8.6.5 (unreleased)
-  - Only update repository language if it is not set to improve performance
-  - Check permissions when user attempts to import members from another project
+v 8.6.5
+  - Fix importing from GitHub Enterprise. !3529
+  - Perform the language detection after updating merge requests in `GitPushService`, leading to faster visual feedback for the end-user. !3533
+  - Check permissions when user attempts to import members from another project. !3535
+  - Only update repository language if it is not set to improve performance. !3556
+  - Return status code 303 after a branch DELETE operation to avoid project deletion (Stan Hu). !3583
+  - Unblock user when active_directory is disabled and it can be found !3550
+  - Fix a 2FA authentication spoofing vulnerability.
 
 v 8.6.4
   - Don't attempt to fetch any tags from a forked repo (Stan Hu)
@@ -155,6 +160,9 @@ v 8.6.0
   - Trigger a todo for mentions on commits page
   - Let project owners and admins soft delete issues and merge requests
 
+v 8.5.10
+  - Fix a 2FA authentication spoofing vulnerability.
+
 v 8.5.9
   - Don't attempt to fetch any tags from a forked repo (Stan Hu).
 
@@ -299,6 +307,9 @@ v 8.5.0
   - Show label row when filtering issues or merge requests by label (Nuttanart Pornprasitsakul)
   - Add Todos
 
+v 8.4.8
+  - Fix a 2FA authentication spoofing vulnerability.
+
 v 8.4.7
   - Don't attempt to fetch any tags from a forked repo (Stan Hu).
 
@@ -418,6 +429,9 @@ v 8.4.0
   - Add IP check against DNSBLs at account sign-up
   - Added cache:key to .gitlab-ci.yml allowing to fine tune the caching
 
+v 8.3.7
+  - Fix a 2FA authentication spoofing vulnerability.
+
 v 8.3.6
   - Don't attempt to fetch any tags from a forked repo (Stan Hu).