Add security section to 4.39.0 release notes (#22178)

We have published and fixed CVE-2025-1696 in this release

<!--Delete sections as needed -->

## Description

<!-- Tell us what you did and why -->

## Related issues or tickets

<!-- Related issues, pull requests, or Jira tickets -->

## Reviews

<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->

- [ ] Technical review
- [ ] Editorial review
- [ ] Product review

Author: twelsh-aw

content/manuals/desktop/release-notes.md

@@ -48,6 +48,10 @@ For more frequently asked questions, see the [FAQs](/manuals/desktop/troubleshoo
 - [Docker Engine v28.0.1](https://docs.docker.com/engine/release-notes/28/#2801)
 - [Docker Scout CLI v1.16.3](https://github.com/docker/scout-cli/releases/tag/v1.16.3)
 
+### Security
+
+- Fixed [CVE-2025-1696](https://www.cve.org/CVERecord?id=CVE-2025-1696) which could disclose proxy authentication credentials in plaintext in log files.
+
 ### Bug fixes and enhancements
 
 #### For all platforms