diff --git a/CHANGES.md b/CHANGES.md
index 75dc5fa89395bd016376ec9da251404d79fed7a8..38a0814bbf535f81d4b2a22dc89f5b3169f04fe1 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,3 +1,27 @@
+Synapse 1.21.2 (2020-10-15)
+===========================
+
+Debian packages and Docker images have been rebuilt using the latest versions of dependency libraries, including authlib 0.15.1. Please see bugfixes below.
+
+Security advisory
+-----------------
+
+* HTML pages served via Synapse were vulnerable to cross-site scripting (XSS)
+  attacks. All server administrators are encouraged to upgrade.
+  ([\#8444](https://github.com/matrix-org/synapse/pull/8444))
+  ([CVE-2020-26891](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26891))
+
+  This fix was originally included in v1.21.0 but was missing a security advisory.
+
+  This was reported by [Denis Kasak](https://github.com/dkasak).
+
+Bugfixes
+--------
+
+- Fix rare bug where sending an event would fail due to a racey assertion. ([\#8530](https://github.com/matrix-org/synapse/issues/8530))
+- An updated version of the authlib dependency is included in the Docker and Debian images to fix an issue using OpenID Connect. See [\#8534](https://github.com/matrix-org/synapse/issues/8534) for details.
+
+
 Synapse 1.21.1 (2020-10-13)
 ===========================
 
diff --git a/changelog.d/8530.bugfix b/changelog.d/8530.bugfix
deleted file mode 100644
index 443d88424ead01401753437e01c731637d7626b0..0000000000000000000000000000000000000000
--- a/changelog.d/8530.bugfix
+++ /dev/null
@@ -1 +0,0 @@
-Fix rare bug where sending an event would fail due to a racey assertion.
diff --git a/debian/changelog b/debian/changelog
index eeafd4f50abe93280c03b02877278300a309af2d..8d873a4845c80766679fab791d64ff8b8911c082 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+matrix-synapse-py3 (1.21.2) stable; urgency=medium
+
+  [ Synapse Packaging team ]
+  * New synapse release 1.21.2.
+
+ -- Synapse Packaging team <packages@matrix.org>  Thu, 15 Oct 2020 09:23:27 -0400
+
 matrix-synapse-py3 (1.21.1) stable; urgency=medium
 
   [ Synapse Packaging team ]
diff --git a/synapse/__init__.py b/synapse/__init__.py
index 722b53a67de0c5113993d005fdf67393a7a194a2..83b8e4897f3cfab66fb421a561b40a759dfe5f3e 100644
--- a/synapse/__init__.py
+++ b/synapse/__init__.py
@@ -48,7 +48,7 @@ try:
 except ImportError:
     pass
 
-__version__ = "1.21.1"
+__version__ = "1.21.2"
 
 if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)):
     # We import here so that we don't have to install a bunch of deps when