diff --git a/.github/workflows/code_freeze.yml b/.github/workflows/code_freeze.yml
index efe1d6e8856..1bb74feee50 100644
--- a/.github/workflows/code_freeze.yml
+++ b/.github/workflows/code_freeze.yml
@@ -9,4 +9,4 @@ jobs:
     steps:
     - name: Fail if Code Freeze is enabled
       run: |
-        exit 0
+        exit 1
diff --git a/changelog/16.0/16.0.2/summary.md b/changelog/16.0/16.0.2/summary.md
index 99b0c998396..1db25b678b9 100644
--- a/changelog/16.0/16.0.2/summary.md
+++ b/changelog/16.0/16.0.2/summary.md
@@ -1,5 +1,18 @@
 ## Summary
 
+### Upgrade to `go1.20.3`
+
+Vitess `v16.0.2` now runs on `go1.20.3`.
+Below is a summary of this Go patch release. You can learn more [here](https://go.dev/doc/devel/release#go1.20).
+
+> go1.20.3 (released 2023-04-04) includes security fixes to the go/parser, html/template, mime/multipart, net/http, and net/textproto packages, as well as bug fixes to the compiler, the linker, the runtime, and the time package. See the Go 1.20.3 milestone on our issue tracker for details.
+
+### EffectiveCallerId in Vtgate gRPC calls
+
+A new flag `grpc-use-static-authentication-callerid` is added to gate the behavior introduced in https://github.com/vitessio/vitess/pull/12050.
+Earlier, we used to automatically set immediateCallerID to user from static authentication context that overrode the EffectiveCallerId. 
+
+
 ### Shard name validation in TopoServer
 
 Prior to v16.0.2, it was possible to create a shard name with invalid characters, which would then be inaccessible to various cluster management operations.
diff --git a/changelog/16.0/README.md b/changelog/16.0/README.md
index 2f085cdecb6..da958347db9 100644
--- a/changelog/16.0/README.md
+++ b/changelog/16.0/README.md
@@ -1,6 +1,10 @@
 ## v16.0
 The dedicated team for this release can be found [here](team.md).
+* **[16.0.2](16.0.2)**
+
 * **[16.0.1](16.0.1)**
+	* [Changelog](16.0.1/changelog.md)
+	* [Release Notes](16.0.1/release_notes.md)
 
 * **[16.0.0](16.0.0)**
 	* [Changelog](16.0.0/changelog.md)