diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index e762107c..77656868 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -2,7 +2,7 @@ libssh2 1.11.1_DEV
 
 Deprecation notices:
 
-- Starting September 2024, the following algos go deprecated and will be
+- Starting October 2024, the following algos go deprecated and will be
   disabled in default builds (with an option to enable them):
 
   - DSA: `ssh-dss` hostkeys.
@@ -68,10 +68,12 @@ This release includes the following enhancements and bugfixes:
 - build: tidy-up `libssh2.pc.in` variable names (5720dd9f #1125)
 - build: add/fix `Requires.private` packages in `libssh2.pc` (ef538069 #1123)
 - buildconf: drop (814a850c #1441 follow: fc5d7788)
+- checksrc: update, check all sources, fix fallouts (1117b677 #1457)
 - checksrc: sync with curl (8cd473c9 #1272)
 - checksrc: fix spelling in comment (a95d401f)
 - checksrc: modernise Perl file open (3d309f9b)
 - checksrc: switch to dot file (d67a91aa #1052)
+- ci: use Ninja with cmake (20ad047d #1458)
 - ci: disable dependency tracking in autotools builds (e44f0418 #1396)
 - ci: fix mbedtls runners on macOS (84411539 #1381)
 - ci: enable Unity mode for most CMake builds (1bfae57b #1367 #1034)
@@ -104,7 +106,7 @@ This release includes the following enhancements and bugfixes:
 - ci: prefer `=` operator in shell snippets (e5c03043 #1073)
 - ci: drop redundant/unused vars, sync var names (ab8e95bc #1059)
 - ci: add i386 Linux build (with mbedTLS) (abdf40c7 #1057 #1053)
-- CI/appveyor: increase wait for SSH server on GHA (bf3af90b)
+- ci/appveyor: increase wait for SSH server on GHA (bf3af90b)
 - ci/appveyor: bump to OpenSSL 3.2.1 (53d9c1a6 #1363 #1348)
 - ci/appveyor: re-enable parallel mode (e190e5b2 #1294 #884 #867)
 - ci/appveyor: delete UWP job broken since Visual Studio upgrade (d0a7f1da #1275)
@@ -132,6 +134,9 @@ This release includes the following enhancements and bugfixes:
 - ci/GHA: review/fixup auto-cancel settings (b08cfbc9 #1292)
 - ci/GHA: restore curly braces in `if` (36748270 #1145)
 - ci/GHA: simplify `if` strings (cab3db58 #1140)
+- cmake: prefer `find_dependency()` in `libssh2-config.cmake` (d9c2e550 #1460)
+- cmake: tidy up syntax, minor improvements (9d9ee780 #1446)
+- cmake: rename mbedTLS and wolfSSL Find modules (570de0f2)
 - cmake: fixup version detection in mbedTLS Find module (8e3c40b2 #1444)
 - cmake: mbedTLS detection tidy-ups (6d1d13c2 #1438)
 - cmake: add quotes, delete ending dirseps (2bb46d44 #1437 #1166)
@@ -178,6 +183,7 @@ This release includes the following enhancements and bugfixes:
 - example, tests: call `WSACleanup()` for each `WSAStartup()` (94b6bad3 #1283)
 - example, tests: fix/silence `-Wformat-truncation=2` gcc warnings (744e059f)
 - hostkey: do not advertise ssh-rsa when SHA1 is disabled (82d1b8ff #1093 #1092)
+- kex: prevent possible double free of hostkey (b3465418 #1452)
 - kex: always check for null pointers before calling _libssh2_bn_set_word (9f23a3bb #1423)
 - kex: fix a memory leak in key exchange (19101843 #1412 #1404)
 - kex: always add extension indicators to kex_algorithms (00e2a07e #1327 #1326)
@@ -206,6 +212,8 @@ This release includes the following enhancements and bugfixes:
 - mingw: fix printf mask for 64-bit integers (36c1e1d1 #1091 #876 #846 #1090)
 - misc: flatten `_libssh2_explicit_zero` if tree (74e74288 #1149)
 - NMakefile: delete (c515eed3 #1134 #1129)
+- openssl: free allocated resources when using openssl3 (b942bad1 #1459)
+- openssl: fix memory leaks in `_libssh2_ecdsa_curve_name_with_octal_new` and `_libssh2_ecdsa_verify` (8d3bc19b #1449)
 - openssl: fix calculating DSA public key with OpenSSL 3 (8b3c6e9d #1380)
 - openssl: initialize BIGNUMs to NULL in `gen_publickey_from_dsa` for OpenSSL 3 (f1133c75 #1320)
 - openssl: fix cppcheck found NULL dereferences (f2945905 #1304)
@@ -276,6 +284,7 @@ This release includes the following enhancements and bugfixes:
 - tidy-up: delete duplicate word from comment (76307435)
 - tidy-up: avoid exclamations, prefer single quotes, in outputs (003fb454 #1079)
 - TODO: disable or drop weak algos (0b4bdc85 #1261)
+- transport: fix unstable connections over non-blocking sockets (de004875 #1454 #720 #1431 #1397)
 - transport: check ETM on remote end when receiving (bde10825 #1332 #1331)
 - transport: fix incorrect byte offset in debug message (2388a3aa #1096)
 - userauth: avoid oob with huge interactive kbd response (f3a85cad #1337)
@@ -298,10 +307,11 @@ advice from friends like these:
   Viktor Szakats, Michael Buckley, Patrick Monnerat, Ren Mingshuai,
   Will Cosgrove, Daniel Stenberg, Josef Cejka, Nicolas Mora, Ryan Kelley,
   Aaron Stone, Adam, András Fekete, Andrei Augustin, binary1248, Brian Inglis,
-  brucsc on GitHub, concussious on github, Dan Fandrich, Haowei Hsu,
-  Harmen Stoppels, Harry Mallon, Jack L, Jakob Egger, Jiwoo Park,
+  brucsc on GitHub, concussious on github, Dan Fandrich, dksslq on github,
+  Haowei Hsu, Harmen Stoppels, Harry Mallon, Jack L, Jakob Egger, Jiwoo Park,
   João M. S. Silva, Joel Depooter, Johannes Passing, Jose Quaresma,
-  Juliusz Sosinowicz, Kai Pastor, Kenneth Davidson, Lyndon Brown,
-  Marc Hoersken, mike-jumper, naddy, Nursan Valeyev, Paul Howarth, PewPewPew,
-  Radek Brich, rahmanih on github, Seo Suchan, shubhamhii on github,
-  Steve McIntyre, Tejaswi Kandula, Tobias Stoeckmann, Trzik, Xi Ruoyao
+  Juliusz Sosinowicz, Kai Pastor, Kenneth Davidson, klux21 on github,
+  Lyndon Brown, Marc Hoersken, mike-jumper, naddy, Nursan Valeyev,
+  Paul Howarth, PewPewPew, Radek Brich, rahmanih on github, rolag on github,
+  Seo Suchan, shubhamhii on github, Steve McIntyre, Tejaswi Kandula,
+  Tobias Stoeckmann, Trzik, Xi Ruoyao