diff --git a/CHANGELOG.md b/CHANGELOG.md
index cdd88b8969e70c23af86f073641f7a2fccf63354..ec7cdf9a8315ec7dd48a169a494aa7af0ecb2876 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -504,6 +504,20 @@ entry.
 - [Bump the finalize_after date of backfill migration](gitlab-org/gitlab@770ab7faa2048bfeb8bddd506e6f37fe18bb4d06) ([merge request](gitlab-org/gitlab!140109))
 - [Remove code_suggestions_completion_api feature](gitlab-org/gitlab@988e2f57f9635ed9cc3896b15965b608fce54756) ([merge request](gitlab-org/gitlab!138174)) **GitLab Enterprise Edition**
 
+## 16.7.4 (2024-01-24)
+
+### Fixed (1 change)
+
+- [Bring legacy verification behavior back for repositories](gitlab-org/security/gitlab@0f3c5e6c2867cb9ea5ca40cf6a0f1526d6018ad1) **GitLab Enterprise Edition**
+
+### Security (5 changes)
+
+- [Devfile parser arbitrary file write](gitlab-org/security/gitlab@ae7844052f79e4fa987818bf642313fb6e47388f) ([merge request](gitlab-org/security/gitlab!3800))
+- [Use public email in tags atom feed](gitlab-org/security/gitlab@9abe7c6ca865c4884ad25db17c02ee7feb5c6c91) ([merge request](gitlab-org/security/gitlab!3803))
+- [Fix improper username sanitization](gitlab-org/security/gitlab@58ab3f89b3298a248640bddbf94a5c3fdf27a867) ([merge request](gitlab-org/security/gitlab!3785))
+- [Escape user input before building regex for linker](gitlab-org/security/gitlab@ced4fa77abf8a05cbc015b6128220d783d11c3a2) ([merge request](gitlab-org/security/gitlab!3788))
+- [Do not allow non-team member to set MR assignees/reviewers](gitlab-org/security/gitlab@d374f84266d2ca14a79a3924f458e244b50191e4) ([merge request](gitlab-org/security/gitlab!3792))
+
 ## 16.7.3 (2024-01-13)
 
 ### Fixed (1 change)