diff --git a/ChangeLog.d/mpi_read_zero.txt b/ChangeLog.d/mpi_read_zero.txt
deleted file mode 100644
index 0c25159d9..000000000
--- a/ChangeLog.d/mpi_read_zero.txt
+++ /dev/null
@@ -1,9 +0,0 @@
-Changes
-   * mbedtls_mpi_read_binary(), mbedtls_mpi_read_binary_le() and
-     mbedtls_mpi_read_string() now construct an mbedtls_mpi object with 0 limbs
-     when their input has length 0. Note that this is an implementation detail
-     and can change at any time, so this change should be transparent, but it
-     may result in mbedtls_mpi_write_binary() or mbedtls_mpi_write_string()
-     now writing an empty string where it previously wrote one or more
-     zero digits when operating from values constructed with an mpi_read
-     function and some mpi operations.
diff --git a/ChangeLog.d/one-shot-mac.txt b/ChangeLog.d/one-shot-mac.txt
deleted file mode 100644
index 112891dec..000000000
--- a/ChangeLog.d/one-shot-mac.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Features
-   * Implement psa_mac_compute() and psa_mac_verify() as defined in the
-     PSA Cryptograpy API 1.0.0 specification.
diff --git a/ChangeLog.d/one-shot_cipher_functions.txt b/ChangeLog.d/one-shot_cipher_functions.txt
deleted file mode 100644
index 3bb85e10d..000000000
--- a/ChangeLog.d/one-shot_cipher_functions.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-API changes
-   * Implement one-shot cipher functions, psa_cipher_encrypt and
-     psa_cipher_decrypt, according to the PSA Crypto API 1.0.0
-     specification.
diff --git a/ChangeLog.d/pkcs1_v21_sign_ext.txt b/ChangeLog.d/pkcs1_v21_sign_ext.txt
deleted file mode 100644
index 76dfaf960..000000000
--- a/ChangeLog.d/pkcs1_v21_sign_ext.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Features
-   * Add mbedtls_rsa_rsassa_pss_sign_ext() function allowing to generate a
-     signature with a specific salt length. This function allows to validate
-     test cases provided in the NIST's CAVP test suite. Contributed by Cédric
-     Meuter in PR #3183.
diff --git a/ChangeLog.d/posix-define.txt b/ChangeLog.d/posix-define.txt
deleted file mode 100644
index 98cf2d012..000000000
--- a/ChangeLog.d/posix-define.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Bugfix
-   * In library/net_sockets.c, _POSIX_C_SOURCE and _XOPEN_SOURCE are
-     defined to specific values.  If the code is used in a context
-     where these are already defined, this can result in a compilation
-     error.  Instead, assume that if they are defined, the values will
-     be adequate to build Mbed TLS.
diff --git a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt b/ChangeLog.d/psa-aead-output-size-macros-1.0.txt
deleted file mode 100644
index 94a66a5f6..000000000
--- a/ChangeLog.d/psa-aead-output-size-macros-1.0.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-API changes
-   * Update AEAD output size macros to bring them in line with the PSA Crypto
-     API version 1.0 spec. This version of the spec parameterizes them on the
-     key type used, as well as the key bit-size in the case of
-     PSA_AEAD_TAG_LENGTH.
-     The old versions of these macros were renamed and deprecated as follows:
-     - PSA_AEAD_TAG_LENGTH          -> PSA_AEAD_TAG_LENGTH_1_ARG
-     - PSA_AEAD_ENCRYPT_OUTPUT_SIZE -> PSA_AEAD_ENCRYPT_OUTPUT_SIZE_2_ARG
-     - PSA_AEAD_DECRYPT_OUTPUT_SIZE -> PSA_AEAD_DECRYPT_OUTPUT_SIZE_2_ARG
-     - PSA_AEAD_UPDATE_OUTPUT_SIZE  -> PSA_AEAD_UPDATE_OUTPUT_SIZE_2_ARG
-     - PSA_AEAD_FINISH_OUTPUT_SIZE  -> PSA_AEAD_FINISH_OUTPUT_SIZE_1_ARG
-     - PSA_AEAD_VERIFY_OUTPUT_SIZE  -> PSA_AEAD_VERIFY_OUTPUT_SIZE_1_ARG
diff --git a/ChangeLog.d/psa-builtin-keys-implementation.txt b/ChangeLog.d/psa-builtin-keys-implementation.txt
deleted file mode 100644
index 66ba77d07..000000000
--- a/ChangeLog.d/psa-builtin-keys-implementation.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Features
-   * Added support for built-in driver keys through the PSA opaque crypto
-     driver interface. Refer to the documentation of
-     MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS for more information.
diff --git a/ChangeLog.d/psa-read-only-keys.txt b/ChangeLog.d/psa-read-only-keys.txt
deleted file mode 100644
index a4a282373..000000000
--- a/ChangeLog.d/psa-read-only-keys.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
-   * The PSA API no longer allows the creation or destruction of keys with a
-     read-only lifetime. The persistence level PSA_KEY_PERSISTENCE_READ_ONLY
-     can now only be used as intended, for keys that cannot be modified through
-     normal use of the API.
diff --git a/ChangeLog.d/psa-rsa-verify-alt-fix.txt b/ChangeLog.d/psa-rsa-verify-alt-fix.txt
deleted file mode 100644
index 74804caf7..000000000
--- a/ChangeLog.d/psa-rsa-verify-alt-fix.txt
+++ /dev/null
@@ -1,7 +0,0 @@
-Bugfix
-   * psa_verify_hash() was relying on implementation-specific behavior of
-     mbedtls_rsa_rsassa_pss_verify() and was causing failures in some _ALT
-     implementations. This reliance is now removed. Fixes #3990.
-   * Disallow inputs of length different from the corresponding hash when
-     signing or verifying with PSA_ALG_RSA_PSS (The PSA Crypto API mandates
-     that PSA_ALG_RSA_PSS uses the same hash throughout the algorithm.)
diff --git a/ChangeLog.d/psa-without-genprime-fix.txt b/ChangeLog.d/psa-without-genprime-fix.txt
deleted file mode 100644
index 8a7153a9c..000000000
--- a/ChangeLog.d/psa-without-genprime-fix.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Bugfix
-   * Restore the ability to configure PSA via Mbed TLS options to support RSA
-     key pair operations but exclude RSA key generation. When MBEDTLS_GENPRIME
-     is not defined PSA will no longer attempt to use mbedtls_rsa_gen_key().
-     Fixes #4512.
diff --git a/ChangeLog.d/psa_key_derivation-bad_workflow.txt b/ChangeLog.d/psa_key_derivation-bad_workflow.txt
deleted file mode 100644
index 7fd03e6c9..000000000
--- a/ChangeLog.d/psa_key_derivation-bad_workflow.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-Bugfix
-   * Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive
-     about missing inputs.
diff --git a/ChangeLog.d/psa_sign_message.txt b/ChangeLog.d/psa_sign_message.txt
deleted file mode 100644
index 2d77ec054..000000000
--- a/ChangeLog.d/psa_sign_message.txt
+++ /dev/null
@@ -1,2 +0,0 @@
-Features
-   * Implement psa_sign_message() and psa_verify_message().
diff --git a/ChangeLog.d/random-range.txt b/ChangeLog.d/random-range.txt
deleted file mode 100644
index dc35ec6c6..000000000
--- a/ChangeLog.d/random-range.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Security
-* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM)
-  private keys and of blinding values for DHM and elliptic curves (ECP)
-  computations. Reported by FlorianF89 in #4245.
diff --git a/ChangeLog.d/reject-low-order-points-early.txt b/ChangeLog.d/reject-low-order-points-early.txt
deleted file mode 100644
index eb735697a..000000000
--- a/ChangeLog.d/reject-low-order-points-early.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Security
-   * An adversary with access to precise enough timing information (typically, a
-     co-located process) could recover a Curve25519 or Curve448 static ECDH key
-     after inputting a chosen public key and observing the victim performing the
-     corresponding private-key operation. Found and reported by Leila Batina,
-     Lukas Chmielewski, Björn Haase, Niels Samwel and Peter Schwabe.
diff --git a/ChangeLog.d/remove-config-psa-crypto.txt b/ChangeLog.d/remove-config-psa-crypto.txt
deleted file mode 100644
index 7903b8c3b..000000000
--- a/ChangeLog.d/remove-config-psa-crypto.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Changes
-   * Remove configs/config-psa-crypto.h, which was identical to the default
-     configuration except for having some extra cryptographic mechanisms
-     enabled and for unintended differences. This configuration was primarily
-     intended to demonstrate the PSA API, and lost most of its usefulness when
-     MBEDTLS_PSA_CRYPTO_C became enabled by default.
diff --git a/ChangeLog.d/session-cache.txt b/ChangeLog.d/session-cache.txt
deleted file mode 100644
index a12db3c1b..000000000
--- a/ChangeLog.d/session-cache.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Changes
-    * When using session cache based session resumption on the server,
-      double-check that custom session cache implementations return
-      sessions which are consistent with the negotiated ciphersuite
-      and compression method.
diff --git a/ChangeLog.d/spm_build.txt b/ChangeLog.d/spm_build.txt
deleted file mode 100644
index 6016d84e0..000000000
--- a/ChangeLog.d/spm_build.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
-   * When MBEDTLS_PSA_CRYPTO_SPM is enabled, crypto_spe.h was not included
-     in all the right places. Include it from crypto_platform.h, which is
-     the natural place. Fixes #4649.
diff --git a/ChangeLog.d/undefined_reference_without_psa.txt b/ChangeLog.d/undefined_reference_without_psa.txt
deleted file mode 100644
index 4dae53419..000000000
--- a/ChangeLog.d/undefined_reference_without_psa.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
-   * With MBEDTLS_PSA_CRYPTO_C disabled, some functions were getting built
-     nonetheless, resulting in undefined reference errors when building a
-     shared library. Reported by Guillermo Garcia M. in #4411.
diff --git a/ChangeLog.d/winsock.txt b/ChangeLog.d/winsock.txt
deleted file mode 100644
index 0b42e691c..000000000
--- a/ChangeLog.d/winsock.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Bugfix
-   * Fix mbedtls_net_poll() and mbedtls_net_recv_timeout() often failing with
-     MBEDTLS_ERR_NET_POLL_FAILED on Windows. Fixes #4465.
-