| Age | Commit message (Expand) | Author |
| 2022-04-11 | [4.0.x] Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against... | Mariusz Felisiak |
| 2022-04-11 | [4.0.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), a... | Mariusz Felisiak |
| 2022-04-11 | [4.0.x] Fixed #33628 -- Ignored directories with empty names in autoreloader ... | Manel Clos |
| 2022-04-04 | [4.0.x] Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28. | Mariusz Felisiak |
| 2022-03-30 | [4.0.x] Fixed #33598 -- Reverted "Removed unnecessary reuse_with_filtered_rel... | Mariusz Felisiak |
| 2022-03-29 | [4.0.x] Updated Oracle docs links to Oracle 21c. | Mariusz Felisiak |
| 2022-03-17 | [4.0.x] Added missing backticks to function names. | Mariusz Felisiak |
| 2022-03-01 | [4.0.x] Added stub release notes for Django 4.0.4. | Carlton Gibson |
| 2022-03-01 | [4.0.x] Updated release date for version 4.0.3. | Carlton Gibson |
| 2022-03-01 | [4.0.x] Fixed #33547 -- Fixed error when rendering invalid inlines with reado... | Mariusz Felisiak |
| 2022-02-16 | [4.0.x] Fixed #33515 -- Prevented recreation of migration for ManyToManyField... | Mariusz Felisiak |
| 2022-02-08 | [4.0.x] Refs #33476 -- Adjusted docs and config files for Black. | Carlton Gibson |
| 2022-02-02 | [4.0.x] Fixed typo in release notes. | David Smith |
| 2022-02-01 | [4.0.x] Added stub release notes for 4.0.3. | Mariusz Felisiak |
| 2022-02-01 | [4.0.x] Added CVE-2022-22818 and CVE-2022-23833 to security archive. | Mariusz Felisiak |
| 2022-02-01 | [4.0.x] Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads. | Mariusz Felisiak |
| 2022-02-01 | [4.0.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. | Markus Holtermann |
| 2022-02-01 | [4.0.x] Fixed #33480 -- Fixed makemigrations crash when renaming field of ren... | Kirill Safronov |
| 2022-01-31 | [4.0.x] Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on ... | Mariusz Felisiak |
| 2022-01-29 | [4.0.x] Updated translations from Transifex. | Claude Paroz |
| 2022-01-27 | [4.0.x] Fixed #33462 -- Fixed migration crash when altering type of primary k... | Mariusz Felisiak |
| 2022-01-26 | [4.0.x] Fixed #33407 -- Fixed .radiolist admin CSS. | Carlton Gibson |
| 2022-01-25 | [4.0.x] Added stub release notes and release date for 4.0.2, 3.2.12, and 2.2.27. | Mariusz Felisiak |
| 2022-01-21 | [4.0.x] Fixed #33449 -- Fixed makemigrations crash on models without Meta.ord... | Fabian Büchler |
| 2022-01-10 | [4.0.x] Fixed #33426 -- Fixed ResolverMatch.__repr_() for class-based views. | Keryn Knight |
| 2022-01-08 | [4.0.x] Fixed #33425 -- Fixed view name for CBVs on technical 404 debug page. | Keryn Knight |
| 2022-01-07 | [4.0.x] Fixed #33419 -- Restored marking forms.Field.help_text as HTML safe. | David |
| 2022-01-07 | [4.0.x] Fixed #33410 -- Fixed recursive capturing of callbacks by TestCase.ca... | Petter Friberg |
| 2022-01-04 | [4.0.x] Added CVE-2021-45115, CVE-2021-45116, and CVE-2021-45452 to security ... | Carlton Gibson |
| 2022-01-04 | [4.0.x] Added stub release notes for Django 4.0.2. | Carlton Gibson |
| 2022-01-04 | [4.0.x] Fixed CVE-2021-45452 -- Fixed potential path traversal in storage sub... | Florian Apolloner |
| 2022-01-04 | [4.0.x] Fixed CVE-2021-45116 -- Fixed potential information disclosure in dic... | Florian Apolloner |
| 2022-01-04 | [4.0.x] Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilari... | Florian Apolloner |
| 2021-12-28 | [4.0.x] Added stub release notes for 4.0.1, 3.2.11, and 2.2.26 releases. | Carlton Gibson |
| 2021-12-22 | [4.0.x] Refs #32355 -- Bumped required psycopg2 version to 2.8.4. | Mariusz Felisiak |
| 2021-12-21 | [4.0.x] Fixed #32600 -- Fixed Geometry collections and Polygon segmentation f... | Brenton Partridge |
| 2021-12-17 | [4.0.x] Fixed #33366 -- Fixed case handling with swappable setting detection ... | Simon Charette |
| 2021-12-16 | [4.0.x] Fixed #33350 -- Reallowed using cache decorators with duck-typed Http... | Mariusz Felisiak |
| 2021-12-14 | [4.0.x] Fixed #33361 -- Fixed Redis cache backend crash on booleans. | Jeremy Lainé |
| 2021-12-08 | [4.0.x] Fixed #33346 -- Fixed SimpleTestCase.assertFormsetError() crash on a ... | Baptiste Mispelon |
| 2021-12-07 | [4.0.x] Improved release notes wording for template-based form rendering. | Nick Pope |
| 2021-12-07 | [4.0.x] Added stub release notes for 4.0.1. | Mariusz Felisiak |
| 2021-12-07 | [4.0.x] Finalized release notes for Django 4.0. | Mariusz Felisiak |
| 2021-12-07 | [4.0.x] Updated asgiref dependency for 4.0 release series. | Mariusz Felisiak |
| 2021-12-07 | [4.0.x] Added CVE-2021-44420 to security archive. | Mariusz Felisiak |
| 2021-12-07 | [4.0.x] Fixed #30530, CVE-2021-44420 -- Fixed potential bypass of an upstream... | Florian Apolloner |
| 2021-12-03 | [4.0.x] Fixed #33333 -- Fixed setUpTestData() crash with models.BinaryField o... | Mariusz Felisiak |
| 2021-11-30 | [4.0.x] Added stub release notes and release date for 3.2.10, 3.1.14 and 2.2.25. | Mariusz Felisiak |
| 2021-11-24 | [4.0.x] Fixed typo in docs/releases/4.0.txt. | Ryuji Tsutsui |
| 2021-11-18 | [4.0.x] Added Malay language. | jhisham |