DOC write 7.5 upgrade notes

diff --git a/server/sonar-docs/src/pages/setup/upgrade-notes.md b/server/sonar-docs/src/pages/setup/upgrade-notes.md
index 43555fbbf49c34ff0e3981e2bd4fa4b35467e6ff..d32e06adbf440a702915c26d5056f2c776b4fb97 100644 (file)
--- a/server/sonar-docs/src/pages/setup/upgrade-notes.md
+++ b/server/sonar-docs/src/pages/setup/upgrade-notes.md
@@ -3,6 +3,19 @@ title: Release Upgrade Notes
 url: /setup/upgrade-notes/
 ---
 
+## Release 7.5 Upgrade Notes  
+**Two Vulnerabilities Patched**  
+An open redirect vlunerability on login was corrected ([SONAR-11475](https://jira.sonarsource.com/browse/SONAR-11475)).
+
+An XSS vulnerability in custom project links was also patched. We would like to thank Daniele Costa, NCC Group for reporting the issue. ([SONAR-11506](https://jira.sonarsource.com/browse/SONAR-11506)).
+
+**DB Connection Pool Defaults Restored**  
+Database connection pool defaults have been restored to their pre-SonarQube 7.4 values. They were inadvertently affected by a change of connection pooling in 7.4 ([SONAR-11539](https://jira.sonarsource.com/browse/SONAR-11539)). 
+
+**More Issues Backdated**  
+Additional cases of issue backdating have been added, so fewer genuinely old issues will be reported in the New Code period ([MMF-1287](https://jira.sonarsource.com/browse/MMF-1287))
+
+
 ## Release 7.4 Upgrade Notes
 **Analysis Failure on Invalid New Code Period**  
 Analysis will fail if the New Code Period (see below) is not set to one of: