UbuntuUpdates.org

Package "openstack-dashboard-ubuntu-theme"

Name: openstack-dashboard-ubuntu-theme

Description:

Ubuntu theme for the Openstack dashboard
Latest version: 2012.1.3+stable~20120815-691dd2-0ubuntu1.1
Release: precise (12.04)
Level: security
Repository: main
Head package: horizon
Homepage: http://launchpad.net/horizon

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "openstack-dashboard-ubuntu-theme"

All arch deb package
APT INSTALL

Other versions of "openstack-dashboard-ubuntu-theme" in Precise

Repository Area Version
base main 2012.1-0ubuntu8
updates main 2012.1.3+stable-20130423-5ce39422-0ubuntu1

Changelog

Version: 2012.1.3+stable~20120815-691dd2-0ubuntu1.1 2012-09-13 00:06:49 UTC

  horizon (2012.1.3+stable~20120815-691dd2-0ubuntu1.1) precise-security; urgency=low

  * SECURITY UPDATE: open redirect / phishing attack via "next"
    parameter (LP: #1039077)
    - debian/patches/CVE-2012-3540.patch: disallow redirects to anywhere
      other than the same origin
    - CVE-2012-3540
 -- Steve Beattie <email address hidden> Thu, 30 Aug 2012 17:15:04 -0700
Source diff to previous version
1039077 open redirect / phishing attack via \
CVE-2012-3540 Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitr

Version: 2012.1-0ubuntu8.1 2012-05-07 15:09:22 UTC

  horizon (2012.1-0ubuntu8.1) precise-security; urgency=low

  * SECURITY UPDATE: fix XSS when refreshing logs
    - debian/patches/CVE-2012-2094.patch: interpret logs as text
    - CVE-2012-2094
  * SECURITY UPDATE: fix session fixation and reuse
    - debian/patches/CVE-2012-2144.patch: properly verify existing session and
      also log user out on error
    - CVE-2012-2144
 -- Jamie Strandboge <email address hidden> Wed, 02 May 2012 08:19:13 -0500
CVE-2012-2144 OSSA 2012-006: Horizon session fixation and reuse


About   -   Send Feedback to @ubuntu_updates