You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa OpenStack Horizon

Sigurnosni nedostatak programskog paketa OpenStack Horizon

==========================================================================
Ubuntu Security Notice USN-4675-1
January 05, 2021

horizon vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

OpenStack Horizon could be made to redirect to a malicious URL.

Software Description:
– horizon: Web interface for OpenStack cloud infrastructure

Details:

Pritam Singh discovered that OpenStack Horizon incorrectly validated
certain parameters. An attacker could possibly use this issue to cause
OpenStack Horizon to redirect to a malicious URL.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
openstack-dashboard 3:18.3.2-0ubuntu0.20.04.4

Ubuntu 18.04 LTS:
openstack-dashboard 3:13.0.3-0ubuntu2

Ubuntu 16.04 LTS:
openstack-dashboard 2:9.1.2-0ubuntu5.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4675-1
CVE-2020-29565

Package Information:
https://launchpad.net/ubuntu/+source/horizon/3:18.3.2-0ubuntu0.20.04.4
https://launchpad.net/ubuntu/+source/horizon/3:13.0.3-0ubuntu2
https://launchpad.net/ubuntu/+source/horizon/2:9.1.2-0ubuntu5.2

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl/0dLoACgkQZWnYVadE
vpO29hAAsPCHwWyHnEqZ2wOhSOowlZhzXM8NzpX9ycb6e/OI7AVPV9U7A6fJwxM1
La7ofnlcCXyxP53ECVnRGITR54mOJiFHXJFkb9Eo0GbDs25krSVBG7dWHR3pjeUk
Yj+LPd86wiFN9rnI5cSJlZiGzEYRcC2rqLfZnb4VmutE++KNDN8TeF7Cka1SyJNe
yor4etbTrQA2+QH+IfhAogB9EC2sq4liYKlVjvWOHiuau3zvJ/6CxdXM7GVCO9h6
3hB5Z8psRFVkeQ5AhTn7VqB5Iv/xlZZeEbvUGw4NtdRv80PXost387fCMgXMgiO0
hRdRR2GSYCqeAKbVQQ+kxRtsEfa9vnruqtfR4vxN4rIaba0b6shUXLWE2oeeyQ8Z
1A0jXWxALF79ga1wvw2XJfwyR2JwBeK3QGpnU4Xfezhjd0lO99XCSyOAMg7LQOIm
uvOxCI55jWCy+BCKmkf2Iwd94ecrT5OOgw1z8NfGfqfbyw9TdkSUVoQjgYzOm9D/
KgF1N4Dwl7cfFBFnmYOhK6KI+sTg1VTTZUWXWMD+l4ToFDYdbVEk8Pis4CJvR3Bg
Eh1cxmoledmoHbTq4tpJtuAPqxR81Csam2AP2RwxbgKjQuuUi1o8JPWp/rTCjazZ
FvVcRhLmZWjOk8eFp5tElpeimZTJvsrZZKfLmQfhqp5qXbtVzAU=
=3syo
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja ili izvršavanje proizvoljnog programskog...

Close