[PKG-Openstack-devel] Bug#788306: Bug#788306: horizon: CVE-2015-3219: XSS in Horizon Heat stack creation
László Böszörményi (GCS)
gcs at debian.org
Wed Jun 10 07:10:56 UTC 2015
Control: found -1 2014.1.3-1
Hi Salvatore,
On Wed, Jun 10, 2015 at 7:37 AM, Salvatore Bonaccorso <carnil at debian.org> wrote:
> Source: horizon
> Version: 2015.1.0-1
> Severity: important
> Tags: security upstream fixed-upstream
[...]
> CVE-2015-3219[0]:
> XSS in Horizon Heat stack creation
[...]
> Please adjust the affected versions in the BTS as needed.
Just checked. The Wheezy version doesn't contain the vulnerable code
segment, but the Jessie version does. Mark the bug accordingly.
In case you may accept, I attach a debdiff for Jessie.
Regards,
Laszlo/GCS
-------------- next part --------------
A non-text attachment was scrubbed...
Name: horizon_2014.1.3-7_to_2014.1.3-7+deb8u1.patch
Type: text/x-diff
Size: 2911 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/openstack-devel/attachments/20150610/49fe76a0/attachment.patch>
More information about the Openstack-devel
mailing list