[1.11.x] Added CVE-2019-14235 to security release archive.

Backport of a5652eb795e896df0c0f2515201f35f9cd86b99b from master
author: Carlton Gibson <carlton.gibson@noumenal.es> 2019-08-01 12:01:27 +0200
committer: Carlton Gibson <carlton.gibson@noumenal.es> 2019-08-01 12:07:11 +0200
commit: 3deda1f680ef34a753f6d872813737f363cb4886 (patch)
tree: 704cb952160aff81be5ffc94ca248f15e6bf5ac6
parent: 738b45dd3b3cd17ec52744b1181597de073f5e4d (diff)
download: django-3deda1f680ef34a753f6d872813737f363cb4886.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 450e36a87a..ef70cac0d9 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -1015,3 +1015,17 @@ Versions affected
 * Django 2.2 :commit:`(patch) <4f5b58f5cd3c57fee9972ab074f8dc6895d8f387>`
 * Django 2.1 :commit:`(patch) <f74b3ae3628c26e1b4f8db3d13a91d52a833a975>`
 * Django 1.11 :commit:`(patch) <ed682a24fca774818542757651bfba576c3fc3ef>`
+
+August 1, 2019 - :cve:`2019-14235`
+----------------------------------
+
+Potential memory exhaustion in ``django.utils.encoding.uri_to_iri()``. `Full
+description
+<https://www.djangoproject.com/weblog/2019/aug/01/security-releases/>`__
+
+Versions affected
+~~~~~~~~~~~~~~~~~
+
+* Django 2.2 :commit:`(patch) <cf694e6852b0da7799f8b53f1fb2f7d20cf17534>`
+* Django 2.1 :commit:`(patch) <5d50a2e5fa36ad23ab532fc54cf4073de84b3306>`
+* Django 1.11 :commit:`(patch) <869b34e9b3be3a4cfcb3a145f218ffd3f5e3fd79>`
author	Carlton Gibson <carlton.gibson@noumenal.es>	2019-08-01 12:01:27 +0200
committer	Carlton Gibson <carlton.gibson@noumenal.es>	2019-08-01 12:07:11 +0200
commit	3deda1f680ef34a753f6d872813737f363cb4886 (patch)
tree	704cb952160aff81be5ffc94ca248f15e6bf5ac6
parent	738b45dd3b3cd17ec52744b1181597de073f5e4d (diff)
download	django-3deda1f680ef34a753f6d872813737f363cb4886.tar.gz