From 341f44448c899719f123699fb014725802a650af Mon Sep 17 00:00:00 2001
From: Nick Pope <nick.pope@flightdataservices.com>
Date: Mon, 3 Jun 2019 20:17:39 +0100
Subject: [PATCH] [1.11.x] Added CVE-2019-12308 to the security release
 archive.

Backport of 21b1d239125f1228e579b1ce8d94d4d5feadd2a6 from master
---
 docs/releases/security.txt | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index e318c62bf79..d26669d63ae 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -948,3 +948,16 @@ Versions affected
 
 * Django 2.2 :commit:`(patch) <baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad>`
 * Django 2.1 :commit:`(patch) <95649bc08547a878cebfa1d019edec8cb1b80829>`
+
+June 3, 2019 - :cve:`2019-12308`
+--------------------------------
+
+XSS via "Current URL" link generated by ``AdminURLFieldWidget``. `Full
+description <https://www.djangoproject.com/weblog/2019/jun/03/security-releases/>`__
+
+Versions affected
+~~~~~~~~~~~~~~~~~
+
+* Django 2.2 :commit:`(patch) <afddabf8428ddc89a332f7a78d0d21eaf2b5a673>`
+* Django 2.1 :commit:`(patch) <09186a13d975de6d049f8b3e05484f66b01ece62>`
+* Django 1.11 :commit:`(patch) <c238701859a52d584f349cce15d56c8e8137c52b>`