[ubuntu/xenial-security] horizon 2:9.1.2-0ubuntu5.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jan 5 13:16:39 UTC 2021
horizon (2:9.1.2-0ubuntu5.2) xenial-security; urgency=medium
[ Chris MacNaughton ]
* d/control: Update VCS paths for move to lp:~ubuntu-openstack-dev.
[ Marc Deslauriers ]
* SECURITY UPDATE: ensure next parameter is validated to prevent malicious
URL injection
- d/p/CVE-2020-29565.patch: Make sure the next URL is in the same origin
as Horizon before redirecting to it.
- CVE-2020-29565
Date: 2020-12-14 19:16:12.962175+00:00
Changed-By: Corey Bryant <corey.bryant at canonical.com>
Maintainer: Chuck Short <zulcssubuntu at gmail.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/horizon/2:9.1.2-0ubuntu5.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list