diff --git a/docs/overview/changelog.md b/docs/overview/changelog.md
index eeb4c0b1f6..5dc6d2d181 100644
--- a/docs/overview/changelog.md
+++ b/docs/overview/changelog.md
@@ -17,6 +17,27 @@ log][commit-log] for an up-to-date list of raw changes.
 
 ## Zulip 5.x series
 
+### 5.4 -- 2022-07-11
+
+- CVE-2022-31134: Exclude private file uploads from [exports of public
+  data](https://zulip.com/help/export-your-organization#export-of-public-data). We
+  would like to thank Antoine Benoist for bringing this issue to our
+  attention.
+- Upgraded python requirements.
+- Improved documentation for load balancers to mention CIDR address
+  ranges.
+- Documented an explicit list of supported CPU architectures.
+- Switched `html2text` to run as a subprocess, rather than a Python
+  module, as its GPL license is not compatible with Zulip’s.
+- Replaced `markdown-include` python module with a reimplementation,
+  as its GPL license is not compatible with Zulip’s.
+- Relicensed as GPL the `tools/check-thirdparty` developer tool which
+  verifies third-party licenses, due to a GPL dependency by way of
+  `python-debian`.
+- Closed a potential race condition in the Tornado server, with events
+  arriving at exactly the same time as request causing server errors.
+- Added a tool to help automate more of the release process.
+
 ### 5.3 -- 2022-06-21
 
 - CVE-2022-31017: Fixed message edit event exposure in
diff --git a/version.py b/version.py
index 2c8f12bcc5..18c430b4b3 100644
--- a/version.py
+++ b/version.py
@@ -14,7 +14,7 @@ ZULIP_VERSION = lines.pop(0).strip()
 ZULIP_MERGE_BASE = lines.pop(0).strip()
 
 LATEST_MAJOR_VERSION = "5.0"
-LATEST_RELEASE_VERSION = "5.3"
+LATEST_RELEASE_VERSION = "5.4"
 LATEST_RELEASE_ANNOUNCEMENT = "https://blog.zulip.com/2022/03/29/zulip-5-0-released/"
 
 # Versions of the desktop app below DESKTOP_MINIMUM_VERSION will be