From 26fc64332c362dd4632a49eef6672b71dfa7a813 Mon Sep 17 00:00:00 2001 From: Sarah Boyce <42296566+sarahboyce@users.noreply.github.com> Date: Wed, 3 Sep 2025 15:26:45 +0200 Subject: [PATCH] [5.1.x] Added CVE-2025-57833 to security archive. Backport of f0c05a40d27d69ef3a7b4e5e0199b5dba5b11feb from main. --- docs/releases/security.txt | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/releases/security.txt b/docs/releases/security.txt index 353f1a9b96..8e1ab8c58b 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -36,6 +36,17 @@ Issues under Django's security process All security issues have been handled under versions of Django's security process. These are listed below. +September 3, 2025 - :cve:`2025-57833` +------------------------------------- + +Potential SQL injection in FilteredRelation column aliases. +`Full description +`__ + +* Django 5.2 :commit:`(patch) <4c044fcc866ec226f612c475950b690b0139d243>` +* Django 5.1 :commit:`(patch) <102965ea93072fe3c39a30be437c683ec1106ef5>` +* Django 4.2 :commit:`(patch) <31334e6965ad136a5e369993b01721499c5d1a92>` + June 4, 2025 - :cve:`2025-48432` --------------------------------
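Review bot: the `Full description` link in the new CVE-2025-57833 entry shows no target between the link text and the closing `__`, so as written the anonymous hyperlink has nothing to resolve to. Put the angle-bracketed URL of the corresponding security release announcement on the line after `Full description`, before the closing backtick, and build the docs to confirm that the link and the three `:commit:` roles render. The summary line is otherwise consistent with the heading, and the 5.2, 5.1 and 4.2 patch entries each carry a full commit hash.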