[ubuntu/focal-security] horizon 3:18.3.2-0ubuntu0.20.04.4 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jan 5 13:16:37 UTC 2021
horizon (3:18.3.2-0ubuntu0.20.04.4) focal-security; urgency=medium
* SECURITY UPDATE: ensure next parameter is validated to prevent malicious
URL injection
- d/p/CVE-2020-29565.patch: Make sure the next URL is in the same origin
as Horizon before redirecting to it.
- CVE-2020-29565
Date: 2020-12-09 20:41:20.327231+00:00
Changed-By: Corey Bryant <corey.bryant at canonical.com>
Maintainer: Chuck Short <zulcssubuntu at gmail.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/horizon/3:18.3.2-0ubuntu0.20.04.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list