add changelog categories, update CVE fragments to use security_fix category (#69968)

* use security_fix category in changelogs for CVEs

* these fragments do not say CVE but are security fixes

Co-authored-by: Alicia Cozine <acozine@users.noreply.github.com>

0 files changed, 0 insertions, 0 deletions