[ubuntu/xenial-security] horizon 2:9.1.2-0ubuntu5.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Tue Jan 5 13:16:39 UTC 2021


horizon (2:9.1.2-0ubuntu5.2) xenial-security; urgency=medium

  [ Chris MacNaughton ]
  * d/control: Update VCS paths for move to lp:~ubuntu-openstack-dev.

  [ Marc Deslauriers ]
  * SECURITY UPDATE: ensure next parameter is validated to prevent malicious
    URL injection
    - d/p/CVE-2020-29565.patch: Make sure the next URL is in the same origin
      as Horizon before redirecting to it.
    - CVE-2020-29565

Date: 2020-12-14 19:16:12.962175+00:00
Changed-By: Corey Bryant <corey.bryant at canonical.com>
Maintainer: Chuck Short <zulcssubuntu at gmail.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/horizon/2:9.1.2-0ubuntu5.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Xenial-changes mailing list