diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4d55d5de..7588f18b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Mechanize CHANGELOG
 
+## 2.8.5 / 2022-06-09
+
+### Security
+
+Fixes low-severity CVE-2022-31033, "Authorization header leak on port redirect." See [GHSA-64qm-hrgp-pgr9](https://github.com/sparklemotion/mechanize/security/advisories/GHSA-64qm-hrgp-pgr9) for more details.
+
+
 ## 2.8.4 / 2022-01-17
 
 ### Fix
diff --git a/lib/mechanize/version.rb b/lib/mechanize/version.rb
index 3b862e21..60a7e6e9 100644
--- a/lib/mechanize/version.rb
+++ b/lib/mechanize/version.rb
@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 class Mechanize
-  VERSION = "2.8.4"
+  VERSION = "2.8.5"
 end