diff --git a/CHANGELOG.md b/CHANGELOG.md
index f37856cbf2..6800adc793 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -72,7 +72,7 @@ it will be removed; but as it won't be user-visible this isn't considered a brea
 
 ## RELEASE NOTES
 
-## [3.1.0] TBD
+## [3.1.0] August 01, 2022
 [3.1.0]: https://github.com/emissary-ingress/emissary/compare/v3.0.0...v3.1.0
 
 ### Emissary-ingress and Ambassador Edge Stack
@@ -80,6 +80,17 @@ it will be removed; but as it won't be user-visible this isn't considered a brea
 - Feature: The agent is now able to parse api contracts using swagger 2, and to convert them to
   OpenAPI 3, making them available for use in the dev portal.
 
+- Feature: Adds a new command to the agent directive service to manage secrets. This allows a third
+  party product to manage CRDs that depend upon a secret.
+
+- Feature: Add additional pprof endpoints to allow for profiling Emissary-ingress:
+    - CPU profiles
+  (/debug/pprof/profile)
+    - tracing (/debug/pprof/trace)
+    - command line running
+  (/debug/pprof/cmdline)
+    - program counters (/debug/pprof/symbol)
+
 - Change: In the standard published `.yaml` files, the `Module` resource enables serving remote
   client requests to the `:8877/ambassador/v0/diag/` endpoint. The associated Helm chart release
   also now enables it by default.
@@ -88,11 +99,18 @@ it will be removed; but as it won't be user-visible this isn't considered a brea
   from emissary ingress before sending them to Ambassador cloud. This issue has been resolved to
   ensure that all the nodes composing the emissary ingress cluster are reporting properly.
 
-- Feature: Adds a new command to the agent directive service to manage secrets. This allows a third
-  party product to manage CRDs that depend upon a secret.
+- Security: Updated Golang to 1.17.12 to address the CVEs: CVE-2022-23806, CVE-2022-28327,
+  CVE-2022-24675, CVE-2022-24921, CVE-2022-23772.
+
+- Security: Updated Curl to 7.80.0-r2 to address the CVEs: CVE-2022-32207, CVE-2022-27782,
+  CVE-2022-27781, CVE-2022-27780.
+
+- Security: Updated openSSL-dev to 1.1.1q-r0 to address CVE-2022-2097.
+
+- Security: Updated ncurses to 1.1.1q-r0 to address CVE-2022-29458
 
 ## [3.0.0] June 27, 2022
-[3.0.0]: https://github.com/emissary-ingress/emissary/compare/v2.3.2...v3.0.0
+[3.0.0]: https://github.com/emissary-ingress/emissary/compare/v2.3.1...v3.0.0
 
 ### Emissary-ingress and Ambassador Edge Stack
 
@@ -162,15 +180,6 @@ it will be removed; but as it won't be user-visible this isn't considered a brea
   HTTP/3 connections using QUIC and the UDP network protocol. It currently only supports for
   connections between downstream clients and Emissary-ingress.
 
-## [2.3.2] TBD
-[2.3.2]: https://github.com/emissary-ingress/emissary/compare/v2.3.1...v2.3.2
-
-### Emissary-ingress and Ambassador Edge Stack
-
-- Bugfix: A regression was introduced in 2.3.0 causing the agent to miss some of the metrics coming
-  from emissary ingress before sending them to Ambassador cloud. This issue has been resolved to
-  ensure that all the nodes composing the emissary ingress cluster are reporting properly.
-
 ## [2.3.1] June 09, 2022
 [2.3.1]: https://github.com/emissary-ingress/emissary/compare/v2.3.0...v2.3.1
 
diff --git a/docs/releaseNotes.yml b/docs/releaseNotes.yml
index c692c6d1c3..1f2bfbb750 100644
--- a/docs/releaseNotes.yml
+++ b/docs/releaseNotes.yml
@@ -33,13 +33,26 @@
 changelog: https://github.com/emissary-ingress/emissary/blob/$branch$/CHANGELOG.md
 items:
   - version: 3.1.0
-    date: 'TBD'
+    date: '2022-08-01'
     notes:
       - title: Add support for OpenAPI 2 contracts
         type: feature
         body: >-
           The agent is now able to parse api contracts using swagger 2, and to convert them to OpenAPI 3, making them
           available for use in the dev portal.
+      - title: Add new secrets sync directive to the Agent
+        type: feature
+        body: >-
+          Adds a new command to the agent directive service to manage secrets. This allows
+          a third party product to manage CRDs that depend upon a secret.
+      - title: Add additional pprof endpoints
+        type: feature
+        body: >-
+          Add additional pprof endpoints to allow for profiling $productName$:
+            - CPU profiles (/debug/pprof/profile)
+            - tracing (/debug/pprof/trace)
+            - command line running (/debug/pprof/cmdline)
+            - program counters (/debug/pprof/symbol)
       - title: Default YAML enables the diagnostics interface from non-local clients on the admin service port
         type: change
         body: >-
@@ -52,12 +65,24 @@ items:
           A regression was introduced in 2.3.0 causing the agent to miss some of the metrics coming from
           emissary ingress before sending them to Ambassador cloud. This issue has been resolved to ensure
           that all the nodes composing the emissary ingress cluster are reporting properly.
-
-      - title: Add support for secrets sync
-        type: feature
+      - title: Update Golang to 1.17.12
+        type: security
         body: >-
-          Adds a new command to the agent directive service to manage secrets. This allows
-          a third party product to manage CRDs that depend upon a secret.
+          Updated Golang to 1.17.12 to address the CVEs: CVE-2022-23806, CVE-2022-28327, CVE-2022-24675,
+          CVE-2022-24921, CVE-2022-23772.
+      - title: Update Curl to 7.80.0-r2
+        type: security
+        body: >-
+          Updated Curl to 7.80.0-r2 to address the CVEs: CVE-2022-32207, CVE-2022-27782, CVE-2022-27781,
+          CVE-2022-27780.
+      - title: Update openSSL-dev to 1.1.1q-r0
+        type: security
+        body: >-
+          Updated openSSL-dev to 1.1.1q-r0 to address CVE-2022-2097.
+      - title: Update ncurses to 1.1.1q-r0
+        type: security
+        body: >-
+          Updated ncurses to 1.1.1q-r0 to address CVE-2022-29458
 
   - version: 3.0.0
     date: '2022-06-27'
@@ -152,16 +177,6 @@ items:
           With the ugprade to Envoy 1.22, $productName$ can now be configured to listen for HTTP/3
           connections using QUIC and the UDP network protocol. It currently only supports for connections
           between downstream clients and $productName$.
-  - version: 2.3.2
-    date: 'TBD'
-    notes:
-      - title: fix regression in the agent for the metrics transfer.
-        type: bugfix
-        body: >-
-          A regression was introduced in 2.3.0 causing the agent to miss some of the metrics coming from
-          emissary ingress before sending them to Ambassador cloud. This issue has been resolved to ensure
-          that all the nodes composing the emissary ingress cluster are reporting properly.
-
   - version: 2.3.1
     date: '2022-06-09'
     notes: