UbuntuUpdates.org

Package "python3-django-horizon"

Name: python3-django-horizon

Description:

Django module providing web based interaction with OpenStack (Python 3)

Latest version: 3:18.3.2-0ubuntu0.20.04.4
Release: focal (20.04)
Level: security
Repository: main
Head package: horizon
Homepage: https://launchpad.net/horizon

Links


Download "python3-django-horizon"


Other versions of "python3-django-horizon" in Focal

Repository Area Version
base main 3:18.2.1~git2020041013.754804667-0ubuntu3
updates main 3:18.3.5-0ubuntu2.3

Changelog

Version: 3:18.3.2-0ubuntu0.20.04.4 2021-01-05 15:06:23 UTC

  horizon (3:18.3.2-0ubuntu0.20.04.4) focal-security; urgency=medium

  * SECURITY UPDATE: ensure next parameter is validated to prevent malicious
    URL injection
    - d/p/CVE-2020-29565.patch: Make sure the next URL is in the same origin
      as Horizon before redirecting to it.
    - CVE-2020-29565

 -- Corey Bryant <email address hidden> Tue, 08 Dec 2020 15:29:47 -0500

CVE-2020-29565 An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. There is a lack of v



About   -   Send Feedback to @ubuntu_updates