| Age | Commit message (Expand) | Author |
| 2026-03-03 | [6.0.x] Fixed CVE-2026-25674 -- Prevented potentially incorrect permissions o... | Natalia |
| 2026-03-03 | [6.0.x] Fixed CVE-2026-25673 -- Simplified URLField scheme detection. | Natalia |
| 2026-03-02 | [6.0.x] Fixed #36961 -- Fixed TypeError in deprecation warnings if Django is ... | Jacob Walls |
| 2026-02-25 | [6.0.x] Fixed #36951 -- Removed empty exc_info from log_task_finished signal ... | Elias Hernandis |
| 2026-02-24 | [6.0.x] Added stub release notes and release date for 6.0.3, 5.2.12, and 4.2.29. | Natalia |
| 2026-02-20 | [6.0.x] Fixed #36920 -- Fixed alignment of fieldset legends in wide admin forms. | usman |
| 2026-02-20 | [6.0.x] Fixed #36934, Refs #35972 -- Coped with params in a tuple in BuiltinL... | Jacob Walls |
| 2026-02-10 | [6.0.x] Fixed #36903 -- Fixed further NameErrors when inspecting functions wi... | 93578237 |
| 2026-02-10 | [6.0.x] Added stub release notes for 5.2.12. | Jacob Walls |
| 2026-02-10 | [6.0.x] Refs #35444 -- Doc'd deprecation in contrib.postgres.aggreggates.Stri... | Jacob Walls |
| 2026-02-03 | [6.0.x] Added CVE-2025-13473, CVE-2025-14550, CVE-2026-1207, CVE-2026-1285, C... | Jacob Walls |
| 2026-02-03 | [6.0.x] Added stub release notes for 6.0.3. | Jacob Walls |
| 2026-02-03 | [6.0.x] Fixed CVE-2026-1312 -- Protected order_by() from SQL injection via al... | Jacob Walls |
| 2026-02-03 | [6.0.x] Fixed CVE-2026-1287 -- Protected against SQL injection in column alia... | Jake Howard |
| 2026-02-03 | [6.0.x] Fixed CVE-2026-1285 -- Mitigated potential DoS in django.utils.text.T... | Natalia |
| 2026-02-03 | [6.0.x] Fixed CVE-2026-1207 -- Prevented SQL injections in RasterField lookup... | Jacob Walls |
| 2026-02-03 | [6.0.x] Fixed CVE-2025-14550 -- Optimized repeated header parsing in ASGI req... | Jake Howard |
| 2026-02-03 | [6.0.x] Fixed CVE-2025-13473 -- Standardized timing of check_password() in mo... | Jake Howard |
| 2026-02-02 | [6.0.x] Fixed #36788 -- Fixed horizontal form field alignment under <fieldset... | Jacob Walls |
| 2026-01-29 | [6.0.x] Fixed #36847 -- Ensured auto_now_add fields are set on pre_save(). | Nilesh Kumar Pahari |
| 2026-01-27 | [6.0.x] Added stub release notes and release date for 6.0.2, 5.2.11, and 4.2.28. | Jacob Walls |
| 2026-01-26 | [6.0.x] Fixed #36850 -- Prevented admin filter sidebar from wrapping below th... | Nilesh Kumar Pahari |
| 2026-01-14 | [6.0.x] Fixed #36855, Refs #27222 -- Mentioned multiple invocations of Field.... | kundan223 |
| 2026-01-08 | [6.0.x] Clarified regression nature of data loss bug in docs/releases/6.0.1.t... | Tim Graham |
| 2026-01-06 | [6.0.x] Added stub release notes for 6.0.2. | Jacob Walls |
| 2026-01-06 | [6.0.x] Added stub release notes for 5.2.11. | Jacob Walls |
| 2026-01-06 | [6.0.x] Added release date for 6.0.1. | Jacob Walls |
| 2026-01-06 | [6.0.x] Added release date for 5.2.10. | Jacob Walls |
| 2026-01-05 | [6.0.x] Fixed #36843, #36793 -- Reverted "Fixed #27489 -- Renamed permissions... | Jacob Walls |
| 2025-12-31 | [6.0.x] Refs #33647 -- Fixed silent data truncation in bulk_create on Postgres. | Simon Charette |
| 2025-12-31 | [6.0.x] Fixed #36829 -- Reverted value of ClearableFileInput.use_fieldset to ... | Johannes Maron |
| 2025-12-26 | [6.0.x] Fixed #36796 -- Handled lazy routes correctly in RoutePattern.match(). | kundan223 |
| 2025-12-24 | [6.0.x] Refs #36810 -- Avoided infinite recursion in LazyNonce.__repr__(). | Sean Reed |
| 2025-12-22 | [6.0.x] Fixed #36807 -- Fixed form field alignment under <fieldset> in the ad... | Jacob Walls |
| 2025-12-22 | [6.0.x] Fixed #36818 -- Ensured SQLite connection before accessing max_query_... | guro-Ishiguro |
| 2025-12-22 | [6.0.x] Fixed #36376 -- Fixed --no-color for command help in Python 3.14+. | Skyiesac |
| 2025-12-16 | [6.0.x] Fixed #36800 -- Restored ManyToManyField renaming in BaseDatabaseSche... | Clifford Gama |
| 2025-12-15 | [6.0.x] Fixed #36783 -- Ensured proper handling of multi-value QueryDicts in ... | Marc Gibbons |
| 2025-12-03 | [6.0.x] Refs #36520 -- Removed release note for refactored `parse_header_para... | Jake Howard |
| 2025-12-03 | [6.0.x] Added stub release notes for 6.0.1. | Natalia |
| 2025-12-03 | [6.0.x] Refs #35859 -- Clarified Tasks ref and topics docs regarding availabl... | Jacob Walls |
| 2025-12-03 | [6.0.x] Finalized release notes for Django 6.0. | Natalia |
| 2025-12-03 | [6.0.x] Made cosmetic edits to docs/releases/6.0.txt. | Adam Johnson |
| 2025-12-02 | [6.0.x] Added CVE-2025-13372 and CVE-2025-64460 to security archive. | Natalia |
| 2025-12-02 | [6.0.x] Added stub release notes for 5.2.10. | Natalia |
| 2025-12-02 | [6.0.x] Fixed CVE-2025-64460 -- Corrected quadratic inner text accumulation i... | Shai Berger |
| 2025-12-02 | [6.0.x] Fixed CVE-2025-13372 -- Protected FilteredRelation against SQL inject... | Jacob Walls |
| 2025-12-01 | [6.0.x] Fixed #36712 -- Evaluated type annotations lazily in template tag reg... | Jacob Walls |
| 2025-11-26 | [6.0.x] Refs #36743 -- Added missing release notes for 5.1.15 and 4.2.27. | Natalia |
| 2025-11-26 | [6.0.x] Fixed #36743 -- Increased URL max length enforced in HttpResponseRedi... | varunkasyap |