diff --git a/certbot/CHANGELOG.md b/certbot/CHANGELOG.md
index 3b54baa9a..e9ebf224a 100644
--- a/certbot/CHANGELOG.md
+++ b/certbot/CHANGELOG.md
@@ -3,6 +3,45 @@
 Certbot adheres to [Semantic Versioning](https://semver.org/).
 
 <!-- towncrier release notes start -->
+
+## 4.2.0 - 2025-08-05
+
+### Added
+
+- Added `--eab-hmac-alg` parameter to support custom HMAC algorithm for
+  External Account Binding.
+  ([#10281](https://github.com/certbot/certbot/issues/10281))
+
+### Changed
+
+- Catches and ignores errors during the directory fetch for ARI checking so
+  that these errors do not hinder the actual certificate issuance.
+  ([#10342](https://github.com/certbot/certbot/issues/10342))
+- Removed the dependency on `pytz`.
+  ([#10350](https://github.com/certbot/certbot/issues/10350))
+- Deprecated `acme.crypto_util.probe_sni`
+  ([#10386](https://github.com/certbot/certbot/issues/10386))
+- Support for Python 3.9 was deprecated and will be removed in our next planned
+  release. ([#10390](https://github.com/certbot/certbot/issues/10390))
+
+### Fixed
+
+- The Certbot snap no longer sets the environment variable PYTHONPATH stopping
+  it from picking up Python files in the current directory and polluting the
+  environment for Certbot hooks written in Python.
+  ([#10176](https://github.com/certbot/certbot/issues/10176),
+  [#10257](https://github.com/certbot/certbot/issues/10257))
+- Previously, we claimed to set FAILED_DOMAINS and RENEWED_DOMAINS env
+  variables for use by post-hooks when certificate renewals fail, but we were
+  not actually setting them. Now, we are.
+  ([#10259](https://github.com/certbot/certbot/issues/10259))
+- Certbot now always uses the server value from the renewal configuration file
+  for ARI checks instead of the server value from the current invocation of
+  Certbot. This helps prevent ARI requests from going to the wrong server if
+  the user changes CAs.
+  ([#10339](https://github.com/certbot/certbot/issues/10339))
+
+
 ## 4.1.1 - 2025-06-12
 
 ### Fixed
diff --git a/newsfragments/10176.fixed b/newsfragments/10176.fixed
deleted file mode 100644
index 9edda49d6..000000000
--- a/newsfragments/10176.fixed
+++ /dev/null
@@ -1 +0,0 @@
-The Certbot snap no longer sets the environment variable PYTHONPATH stopping it from picking up Python files in the current directory and polluting the environment for Certbot hooks written in Python.
diff --git a/newsfragments/10257.fixed b/newsfragments/10257.fixed
deleted file mode 100644
index 9edda49d6..000000000
--- a/newsfragments/10257.fixed
+++ /dev/null
@@ -1 +0,0 @@
-The Certbot snap no longer sets the environment variable PYTHONPATH stopping it from picking up Python files in the current directory and polluting the environment for Certbot hooks written in Python.
diff --git a/newsfragments/10259.fixed b/newsfragments/10259.fixed
deleted file mode 100644
index 277b7a0a0..000000000
--- a/newsfragments/10259.fixed
+++ /dev/null
@@ -1 +0,0 @@
-Previously, we claimed to set FAILED_DOMAINS and RENEWED_DOMAINS env variables for use by post-hooks when certificate renewals fail, but we were not actually setting them. Now, we are.
diff --git a/newsfragments/10281.added b/newsfragments/10281.added
deleted file mode 100644
index c8fea9cdb..000000000
--- a/newsfragments/10281.added
+++ /dev/null
@@ -1 +0,0 @@
-Added `--eab-hmac-alg` parameter to support custom HMAC algorithm for External Account Binding.
diff --git a/newsfragments/10339.fixed b/newsfragments/10339.fixed
deleted file mode 100644
index d0924db88..000000000
--- a/newsfragments/10339.fixed
+++ /dev/null
@@ -1 +0,0 @@
-Certbot now always uses the server value from the renewal configuration file for ARI checks instead of the server value from the current invocation of Certbot. This helps prevent ARI requests from going to the wrong server if the user changes CAs.
diff --git a/newsfragments/10342.changed b/newsfragments/10342.changed
deleted file mode 100644
index 4c2fe6f96..000000000
--- a/newsfragments/10342.changed
+++ /dev/null
@@ -1 +0,0 @@
-Catches and ignores errors during the directory fetch for ARI checking so that these errors do not hinder the actual certificate issuance.
diff --git a/newsfragments/10350.changed b/newsfragments/10350.changed
deleted file mode 100644
index 410eef3ff..000000000
--- a/newsfragments/10350.changed
+++ /dev/null
@@ -1 +0,0 @@
-Removed the dependency on `pytz`.
diff --git a/newsfragments/10386.changed b/newsfragments/10386.changed
deleted file mode 100644
index 5918609be..000000000
--- a/newsfragments/10386.changed
+++ /dev/null
@@ -1 +0,0 @@
-Deprecated `acme.crypto_util.probe_sni`
diff --git a/newsfragments/10390.changed b/newsfragments/10390.changed
deleted file mode 100644
index 37a988e3b..000000000
--- a/newsfragments/10390.changed
+++ /dev/null
@@ -1 +0,0 @@
-Support for Python 3.9 was deprecated and will be removed in our next planned release.