UbuntuUpdates.org

Package "openstack-dashboard-ubuntu-theme"

Name: openstack-dashboard-ubuntu-theme

Description:

Ubuntu theme for the Openstack dashboard

Latest version: 2012.1.3+stable-20130423-5ce39422-0ubuntu1
Release: precise (12.04)
Level: updates
Repository: main
Head package: horizon
Homepage: http://launchpad.net/horizon

Links


Download "openstack-dashboard-ubuntu-theme"


Other versions of "openstack-dashboard-ubuntu-theme" in Precise

Repository Area Version
base main 2012.1-0ubuntu8
security main 2012.1.3+stable~20120815-691dd2-0ubuntu1.1

Changelog

Version: 2012.1.3+stable-20130423-5ce39422-0ubuntu1 2013-05-16 18:06:45 UTC

  horizon (2012.1.3+stable-20130423-5ce39422-0ubuntu1) precise-proposed; urgency=low

  * Resynchronize with stable/essex (LP: #1089488)
    - [7e651d7] stable/essex horizon installs unusable version of glance
      (LP: #1057125)
    - [35eada8] open redirect / phishing attack via "next" parameter
      (LP: #1039077)
    - [8889311] TypeError when trying to delete an unnamed volume via dashboard
      (LP: #1031291)
    - [f862d9e] Wrong 'Download CSV Summary' link (LP: #1020555)
    - [9b22d68] When adding ICMP rule, the type/code is being validated as
      from/to ports (LP: #997669)
    - [52bbba1] Added --only-selenium option in run_tests.sh
  * Dropped patches, superseeded by new snapshot:
    - debian/patches/CVE-2012-3540.patch [35eada8]
 -- Yolanda <email address hidden> Wed, 24 Apr 2013 15:46:28 +0200

Source diff to previous version
1089488 Meta bug for tracking Openstack Stable Updates
1057125 stable/essex horizon installs unusable version of glance
1039077 open redirect / phishing attack via \
1031291 TypeError when trying to delete an unnamed volume via dashboard
1020555 Wrong 'Download CSV Summary' link
997669 When adding ICMP rule, the type/code is being validated as from/to ports
CVE-2012-3540 Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitr

Version: 2012.1.3+stable~20120815-691dd2-0ubuntu1.1 2012-09-13 01:06:48 UTC

  horizon (2012.1.3+stable~20120815-691dd2-0ubuntu1.1) precise-security; urgency=low

  * SECURITY UPDATE: open redirect / phishing attack via "next"
    parameter (LP: #1039077)
    - debian/patches/CVE-2012-3540.patch: disallow redirects to anywhere
      other than the same origin
    - CVE-2012-3540
 -- Steve Beattie <email address hidden> Thu, 30 Aug 2012 17:15:04 -0700

Source diff to previous version
1039077 open redirect / phishing attack via \
CVE-2012-3540 Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard (Horizon) Essex (2012.1) allows remote attackers to redirect users to arbitr

Version: 2012.1.3+stable~20120815-691dd2-0ubuntu1 2012-09-03 16:07:00 UTC

  horizon (2012.1.3+stable~20120815-691dd2-0ubuntu1) precise-proposed; urgency=low

  [ Chuck Short ]
  * New upstream release (LP: #1041120):
    - 9b22d6 - Fixed validation check for ICMP rules. (LP: #997669)
  * Dropped:
    - debian/patches/CVE-2012-2094.patch: No longer needed.
    - debian/patches/CVE-2012-2144.patch: No longer needed.

   [ Adam Gandelman ]
   * debian/patches/juju_panel-handle_catalog_exception.patch: Gracefully handle
    missing endpoints in Keystone catalog during Juju environmnets.yaml
    generation. (LP: #1033920)
 -- Adam Gandelman <email address hidden> Tue, 24 Aug 2012 03:27:33 -0500

Source diff to previous version
1041120 Meta bug for tracking Openstack Stable Updates
997669 When adding ICMP rule, the type/code is being validated as from/to ports
1033920 Dashboard raises a ServiceCatalogException when attempting to download juju settings
CVE-2012-2094 Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Ho
CVE-2012-2144 OSSA 2012-006: Horizon session fixation and reuse

Version: 2012.1-0ubuntu8.1 2012-05-07 15:09:22 UTC

  horizon (2012.1-0ubuntu8.1) precise-security; urgency=low

  * SECURITY UPDATE: fix XSS when refreshing logs
    - debian/patches/CVE-2012-2094.patch: interpret logs as text
    - CVE-2012-2094
  * SECURITY UPDATE: fix session fixation and reuse
    - debian/patches/CVE-2012-2144.patch: properly verify existing session and
      also log user out on error
    - CVE-2012-2144
 -- Jamie Strandboge <email address hidden> Wed, 02 May 2012 08:19:13 -0500

CVE-2012-2144 OSSA 2012-006: Horizon session fixation and reuse



About   -   Send Feedback to @ubuntu_updates