[ubuntu-cloud-archive/train-updates] horizon (Accepted)
Corey Bryant
corey.bryant at canonical.com
Tue Jan 5 20:32:49 UTC 2021
horizon (3:16.2.0-0ubuntu1~cloud1) bionic-train; urgency=medium
.
[ Chris MacNaughton ]
* d/control: Update VCS paths for move to lp:~ubuntu-openstack-dev.
.
[ Corey Bryant ]
* SECURITY UPDATE: ensure next parameter is validated to prevent malicious
URL injection
- d/p/CVE-2020-29565.patch: Make sure the next URL is in the same origin
as Horizon before redirecting to it.
- CVE-2020-29565
Date: Tue, 08 Dec 2020 15:40:10 -0500
Changed-By: Corey Bryant <corey.bryant at canonical.com>
Signed-By: Corey Bryant <corey.bryant at canonical.com>
Published-By: Corey Bryant <corey.bryant at canonical.com>
More information about the Cloud-archive-changes
mailing list