From 8403afd84387716682c7087666709201d9b3683a Mon Sep 17 00:00:00 2001
From: Carlton Gibson <carlton.gibson@noumenal.es>
Date: Thu, 1 Aug 2019 11:59:45 +0200
Subject: [PATCH] [2.1.x] Added CVE-2019-14234 to security release archive.

Backport of 3a6a2f5eaf74200a9591a6311fdb0ea78ee305ee from master
---
 docs/releases/security.txt | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 2da3b86f865..450e36a87a9 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -1000,3 +1000,18 @@ Versions affected
 * Django 2.2 :commit:`(patch) <e34f3c0e9ee5fc9022428fe91640638bafd4cda7>`
 * Django 2.1 :commit:`(patch) <5ff8e791148bd451180124d76a55cb2b2b9556eb>`
 * Django 1.11 :commit:`(patch) <52479acce792ad80bb0f915f20b835f919993c72>`
+
+
+August 1, 2019 - :cve:`2019-14234`
+----------------------------------
+
+SQL injection possibility in key and index lookups for
+``JSONField``/``HStoreField``. `Full description
+<https://www.djangoproject.com/weblog/2019/aug/01/security-releases/>`__
+
+Versions affected
+~~~~~~~~~~~~~~~~~
+
+* Django 2.2 :commit:`(patch) <4f5b58f5cd3c57fee9972ab074f8dc6895d8f387>`
+* Django 2.1 :commit:`(patch) <f74b3ae3628c26e1b4f8db3d13a91d52a833a975>`
+* Django 1.11 :commit:`(patch) <ed682a24fca774818542757651bfba576c3fc3ef>`