diff --git a/README.md b/README.md
index 091f8b2..e0c8bf4 100644
--- a/README.md
+++ b/README.md
@@ -325,6 +325,12 @@ When you visit the site, you'll see the output of various cfenv calls.
 changes
 ================================================================================
 
+**1.2.1** - 2019/03/25
+
+- upgrade js-yaml to avoid vulnerability - [pr #39][]
+
+[pr #39]: https://github.com/cloudfoundry-community/node-cfenv/pull/39
+
 **1.2.0** - 2019/02/21
 
 - use vcapFile port value if available - [pr #36][]
diff --git a/package.json b/package.json
index 98e7388..aa1e34f 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
     "name": "cfenv",
     "main": "./lib/cfenv",
     "description": "easy access to your Cloud Foundry application environment",
-    "version": "1.2.0",
+    "version": "1.2.1",
     "author": "pmuellr",
     "license": "Apache-2.0",
     "homepage": "https://github.com/cloudfoundry-community/node-cfenv",