| Age | Commit message (Expand) | Author |
| 2025-12-03 | Finalized release notes for Django 6.0. | Natalia |
| 2025-12-03 | Made cosmetic edits to docs/releases/6.0.txt. | Adam Johnson |
| 2025-12-02 | Added CVE-2025-13372 and CVE-2025-64460 to security archive. | Natalia |
| 2025-12-02 | Added stub release notes for 5.2.10. | Natalia |
| 2025-12-02 | Fixed CVE-2025-64460 -- Corrected quadratic inner text accumulation in XML se... | Shai Berger |
| 2025-12-02 | Fixed CVE-2025-13372 -- Protected FilteredRelation against SQL injection in c... | Jacob Walls |
| 2025-12-01 | Fixed #36712 -- Evaluated type annotations lazily in template tag registration. | Jacob Walls |
| 2025-11-26 | Refs #36743 -- Added missing release notes for 5.1.15 and 4.2.27. | Natalia |
| 2025-11-26 | Fixed #36743 -- Increased URL max length enforced in HttpResponseRedirectBase. | varunkasyap |
| 2025-11-25 | Added stub release notes and release date for 5.2.9, 5.1.15, and 4.2.27. | Natalia |
| 2025-11-25 | Fixed #36756 -- Dropped support for GDAL 3.1 and 3.2. | Mariusz Felisiak |
| 2025-11-25 | Fixed #35783 -- Added NumDimensions GIS database function and __num_dimension... | David Smith |
| 2025-11-24 | Fixed #36751 -- Fixed empty filtered aggregation crash over annotated queryset. | Simon Charette |
| 2025-11-22 | Fixed #35774 -- Dropped support for GEOS 3.8. | David Smith |
| 2025-11-21 | Fixed #36718 -- Added JSONField support for negative array indexing on Oracle... | Clifford Gama |
| 2025-11-20 | Added missing ticket links in docs/releases/5.2.8.txt. | Jacob Walls |
| 2025-11-20 | Fixed #36748 -- Filtered non-standard placeholders from UNNEST queries. | Chris Wesseling |
| 2025-11-20 | Fixed #36321 -- Defaulted suggest_on_error=True in management commands. | kihuni |
| 2025-11-20 | Refs #36663, #36739 -- Added release note for running checks against all data... | Storm B. Heg |
| 2025-11-18 | Fixed #36733 -- Escaped attributes in Stylesheet.__str__(). | varunkasyap |
| 2025-11-17 | Fixed #24920 -- Added support for DecimalField with no precision. | Mariusz Felisiak |
| 2025-11-14 | Refs #24928 -- Added introspection support for PostgreSQL HStoreField. | Mariusz Felisiak |
| 2025-11-12 | Fixed #36717 -- Redirect authenticated users on admin login view to next URL. | Benedict Etzel |
| 2025-11-05 | Added CVE-2025-64458 and CVE-2025-64459 to security archive. | Natalia |
| 2025-11-05 | Added stub release notes for 5.2.9. | Natalia |
| 2025-11-05 | Fixed CVE-2025-64459 -- Prevented SQL injections in Q/QuerySet via the _conne... | Jacob Walls |
| 2025-11-05 | Fixed CVE-2025-64458 -- Mitigated potential DoS in HttpResponseRedirect/HttpR... | Jacob Walls |
| 2025-11-04 | Fixed #36704 -- Fixed system check error for proxy model with a composite pk. | Hal Blackburn |
| 2025-10-31 | Fixed #36661 -- Added introspection of database-level delete options. | Mariusz Felisiak |
| 2025-10-29 | Refs #35381 -- Deprecated using None in JSONExact rhs to mean JSON null. | Clifford Gama |
| 2025-10-29 | Refs #35381 -- Delegated ArrayField element prepping to base_field.get_db_pre... | Clifford Gama |
| 2025-10-29 | Fixed #35381 -- Added JSONNull() expression. | Clifford Gama |
| 2025-10-29 | Added stub release notes and release date for 5.2.8, 5.1.14, and 4.2.26. | Jacob Walls |
| 2025-10-27 | Fixed #36624 -- Dropped support for MySQL < 8.4. | Mariusz Felisiak |
| 2025-10-22 | Made cosmetic edits to docs/releases/6.0.txt. | Natalia |
| 2025-10-19 | Refs #36005 -- Bumped minimum supported versions of docutils to 0.22. | Mariusz Felisiak |
| 2025-10-18 | Fixed #36671 -- Dropped support for SQLite < 3.37. | Mariusz Felisiak |
| 2025-10-18 | Fixed #21961 -- Added support for database-level delete options for ForeignKey. | Mariusz Felisiak |
| 2025-10-17 | Refs #35844 -- Doc'd Python 3.14 compatibility. | Mariusz Felisiak |
| 2025-10-16 | Fixed #28586 -- Added model field fetch modes. | Adam Johnson |
| 2025-10-14 | Fixed #36648, Refs #33772 -- Accounted for composite pks in first()/last() wh... | Jacob Walls |
| 2025-10-13 | Fixed #36611, Refs #36580 -- Added system check for multicolumn ForeignObject... | Sarah Boyce |
| 2025-10-11 | Fixed #36646 -- Added compatibility for oracledb 3.4.0. | Simon Charette |
| 2025-10-03 | Fixed #36623 -- Dropped support for PostgreSQL 14 and PostGIS 3.1. | Mariusz Felisiak |
| 2025-10-01 | Rewrapped security archive at 79 chars. | Mariusz Felisiak |
| 2025-10-01 | Added CVE-2025-59681 and CVE-2025-59682 to security archive. | Jacob Walls |
| 2025-10-01 | Added stub release notes for 5.2.8. | Jacob Walls |
| 2025-10-01 | Fixed CVE-2025-59682 -- Fixed potential partial directory-traversal via archi... | Sarah Boyce |
| 2025-10-01 | Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), ... | Mariusz Felisiak |
| 2025-09-30 | Made cosmetic edits to 5.2.7 release notes. | Jacob Walls |