diff --git a/doc/ChangeLog b/doc/ChangeLog
index 3c46665109bb..3b59d87c44ba 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -8,6 +8,16 @@ FreeRADIUS 3.2.6 Mon 15 May 2024 12:00:00 UTC urgency=low
 	* require_message_authenticator=auto and limit_proxy_state=auto
 	  are not applied for wildcard clients.  This likely will
 	  leave your network in an insecure state.  Upgrade all clients!
+	* Fix spelling in starent SN[1]-Subscriber-Acct-Mode attribute
+	  value. Patch from John Thacker.
+	* Update dictionary.iea. Patch from John Thacker.
+	* Add warning for secrets that are too short.
+	* More debugging for SSL ciphers. Patch from Nick Porter.
+	* Update 3GPP dictionary. Patch from Nick Porter.
+	* Fix ZTE dictionary.
+	* Make radsecret more portable and avoid extra dependencies.
+	* Add timestamp for Client-Lost so we don't think it's 1970. Patch
+	  from Alexander Clouter. #5353
 
 	Bug fixes
 	* Dynamic clients now inherit require_message_authenticator
@@ -17,6 +27,10 @@ FreeRADIUS 3.2.6 Mon 15 May 2024 12:00:00 UTC urgency=low
 	  attack: https://support.checkpoint.com/results/sk/sk182516
 	  The Checkpoint systems drop packets containing Message-Authenticator,
 	  which violates the RFCs and is completely ridiculous.
+	* Fix duplicate CoA packet issue. #5397
+	* Several fixes in the event code
+	* Don't leak memory in rlm_sql_sqlite. #5392
+	* Don't stop processing RadSec data too early.
 
 FreeRADIUS 3.2.5 Tue 09 Jul 2024 12:00:00 UTC urgency=high
 	Configuration changes