[ubuntu-cloud-archive/train-proposed] horizon (Accepted)
Corey Bryant
corey.bryant at canonical.com
Wed Dec 9 21:12:50 UTC 2020
horizon (3:16.2.0-0ubuntu1~cloud1) bionic-train; urgency=medium
.
[ Chris MacNaughton ]
* d/control: Update VCS paths for move to lp:~ubuntu-openstack-dev.
.
[ Corey Bryant ]
* SECURITY UPDATE: ensure next parameter is validated to prevent malicious
URL injection
- d/p/CVE-2020-29565.patch: Make sure the next URL is in the same origin
as Horizon before redirecting to it.
- CVE-2020-29565
Date: Tue, 08 Dec 2020 15:40:10 -0500
Changed-By: Corey Bryant <corey.bryant at canonical.com>
Signed-By: Corey Bryant <corey.bryant at canonical.com>
Published-By: Corey Bryant <corey.bryant at canonical.com>
More information about the Cloud-archive-changes
mailing list