[1.9.x] Added CVE-2016-6186 to the security release archive.

Backport of bc53af13cbf09b0cbac945426c2d51d0ca52fff3 from master
author: Tim Graham <timograham@gmail.com> 2016-07-18 15:19:35 -0400
committer: Tim Graham <timograham@gmail.com> 2016-07-18 15:20:38 -0400
commit: 57c4db8c6903e3e95f53f8f0ca448231b385071f (patch)
tree: d4001ea6e8afafa1053fcd1f5354c3d85a97232b /docs
parent: 384fb90aaf0a23baa07e311b417e4becb96d217f (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/docs/releases/security.txt b/docs/releases/security.txt
index 58e16748f6..509ef7f244 100644
--- a/docs/releases/security.txt
+++ b/docs/releases/security.txt
@@ -728,3 +728,16 @@ Versions affected
 
 * Django 1.9 `(patch) <https://github.com/django/django/commit/af7d09b0c5c6ab68e629fd9baf736f9dd203b18e>`__
 * Django 1.8 `(patch) <https://github.com/django/django/commit/f4e6e02f7713a6924d16540be279909ff4091eb6>`__
+
+July 18, 2016 - CVE-2016-6186
+-----------------------------
+
+`CVE-2016-6186 <https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6186&cid=2>`_:
+XSS in admin's add/change related popup.
+`Full description <https://www.djangoproject.com/weblog/2016/jul/18/security-releases/>`__
+
+Versions affected
+~~~~~~~~~~~~~~~~~
+
+* Django 1.9 `(patch) <https://github.com/django/django/commit/d03bf6fe4e9bf5b07de62c1a271c4b41a7d3d158>`__
+* Django 1.8 `(patch) <https://github.com/django/django/commit/f68e5a99164867ab0e071a936470958ed867479d>`__
author	Tim Graham <timograham@gmail.com>	2016-07-18 15:19:35 -0400
committer	Tim Graham <timograham@gmail.com>	2016-07-18 15:20:38 -0400
commit	57c4db8c6903e3e95f53f8f0ca448231b385071f (patch)
tree	d4001ea6e8afafa1053fcd1f5354c3d85a97232b /docs
parent	384fb90aaf0a23baa07e311b417e4becb96d217f (diff)