changelog: add v0.31.9 and v0.31.8 updates (#4034)

also replace TODO placeholder with the actual issue in v0.32.5

CHANGELOG.md

@@ -2,11 +2,11 @@
 
 ## v0.32.5
 
-*September 30, 2019*
+*October 1, 2019*
 
 This release fixes a major security vulnerability found in the `p2p` package.
-All clients are recommended to upgrade. See [TODO](hxxp://githublink) for
-details.
+All clients are recommended to upgrade. See
+[\#4030](https://github.com/tendermint/tendermint/issues/4030) for details.
 
 Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering
 and reporting this issue.
@@ -16,7 +16,7 @@ program](https://hackerone.com/tendermint).
 
 ### SECURITY:
 
-- [p2p] [TODO](hxxp://githublink) Fix for panic on nil public key send to a peer
+- [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer
 
 ## v0.32.4
 
@@ -223,6 +223,43 @@ program](https://hackerone.com/tendermint).
 - [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address
 - [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node
 
+## v0.31.9
+
+*October 1, 2019*
+
+This release fixes a major security vulnerability found in the `p2p` package.
+All clients are recommended to upgrade. See
+[\#4030](https://github.com/tendermint/tendermint/issues/4030) for details.
+
+Special thanks to [fudongbai](https://hackerone.com/fudongbai) for discovering
+and reporting this issue.
+
+Friendly reminder, we have a [bug bounty
+program](https://hackerone.com/tendermint).
+
+### SECURITY:
+
+- [p2p] [\#4030](https://github.com/tendermint/tendermint/issues/4030) Fix for panic on nil public key send to a peer
+
+### BUG FIXES:
+
+- [node] [\#3716](https://github.com/tendermint/tendermint/issues/3716) Fix a bug where `nil` is recorded as node's address
+- [node] [\#3741](https://github.com/tendermint/tendermint/issues/3741) Fix profiler blocking the entire node
+
+## v0.31.8
+
+*July 29, 2019*
+
+This releases fixes one bug in the PEX reactor and adds a `recover` to the Go's
+ABCI server, which allows it to properly cleanup.
+
+### IMPROVEMENTS:
+- [abci] [\#3809](https://github.com/tendermint/tendermint/issues/3809) Recover from application panics in `server/socket_server.go` to allow socket cleanup (@ruseinov)
+
+### BUG FIXES:
+- [p2p] [\#3338](https://github.com/tendermint/tendermint/issues/3338) Prevent "sent next PEX request too soon" errors by not calling
+  ensurePeers outside of ensurePeersRoutine
+
 ## v0.31.7
 
 *June 3, 2019*

CHANGELOG_PENDING.md

@@ -20,8 +20,8 @@ program](https://hackerone.com/tendermint).
 
 ### IMPROVEMENTS:
 
-- [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Improved `tm-monitor` formatting of start time and avg tx throughput
+- [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Improved `tm-monitor` formatting of start time and avg tx throughput (@erikgrinaker)
 
 ### BUG FIXES:
 
-- [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Refresh `tm-monitor` health when validator count is updated
+- [tools] [\#4023](https://github.com/tendermint/tendermint/issues/4023) Refresh `tm-monitor` health when validator count is updated (@erikgrinaker)