Bug#828967: marked as done (CVE-2016-4428: Possible client side template injection in horizon)

Wed, 29 Jun 2016 06:27:46 -0700 

Your message dated Wed, 29 Jun 2016 13:23:44 +0000
with message-id <[email protected]>
and subject line Bug#828967: fixed in horizon 3:9.0.1-2
has caused the Debian Bug report #828967,
regarding CVE-2016-4428: Possible client side template injection in horizon
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
828967: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828967
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Source: horizon
Version: 3:9.0.1-1
Severity: important

See details here:
https://bugs.launchpad.net/horizon/+bug/1567673

--- End Message ---
--- Begin Message --- 
Source: horizon
Source-Version: 3:9.0.1-2

We believe that the bug you reported is fixed in the latest version of
horizon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Goirand <[email protected]> (supplier of updated horizon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 29 Jun 2016 14:59:37 +0200
Source: horizon
Binary: python-django-horizon openstack-dashboard openstack-dashboard-apache 
horizon-doc
Architecture: source all
Version: 3:9.0.1-2
Distribution: unstable
Urgency: high
Maintainer: PKG OpenStack <[email protected]>
Changed-By: Thomas Goirand <[email protected]>
Description:
 horizon-doc - web application to control an OpenStack cloud - doc
 openstack-dashboard - web application to control an OpenStack cloud
 openstack-dashboard-apache - web application to control an OpenStack cloud - 
Apache support
 python-django-horizon - Django module providing web interaction with OpenStack
Closes: 828967
Changes:
 horizon (3:9.0.1-2) unstable; urgency=high
 .
   * CVE-2016-4428: Possible client side template injection in horizon. Added
     CVE-2016-4428_Escape_angularjs_templating_in_unsafe_HTML.patch from
     upstream (Closes: #828967).
Checksums-Sha1:
 0f8aa9f5fbd831162f26ca6a1d21366c33c206e2 4160 horizon_9.0.1-2.dsc
 c9cd7e4b487890cc610f667f51c4897b10bb640d 25900 horizon_9.0.1-2.debian.tar.xz
 5cc8855e2ef492f5d18e198b32cfe2afacaeddd4 1132944 horizon-doc_9.0.1-2_all.deb
 13f399fa50d0ec7bea7dd8c1a45bdc2334aa9101 13312 
openstack-dashboard-apache_9.0.1-2_all.deb
 ccd43c358f5831dfd9d7df3541358b95846fcfc3 2445298 
openstack-dashboard_9.0.1-2_all.deb
 6654a043cfa0c01ed9a2335861df7bd122ce7a6f 2208872 
python-django-horizon_9.0.1-2_all.deb
Checksums-Sha256:
 da38cb15d619393b69382c58126a07a90187c8a61f2987267a6bfceca0bf78fd 4160 
horizon_9.0.1-2.dsc
 6a453542e8873a8528fb79ee38351dd2b0a35cda57f0de0950d87ea1a9f24a5b 25900 
horizon_9.0.1-2.debian.tar.xz
 4afcf35ebcddd19841e560975f29ded758f106652be082532dcf86abc07e90d7 1132944 
horizon-doc_9.0.1-2_all.deb
 827981123c6853b591fdfa3531118484f7f16402757a8d8d110f074a58c9404f 13312 
openstack-dashboard-apache_9.0.1-2_all.deb
 2840a7b7ef5d2956d181cd47e6657afe7ee4148f500a97198ad9d654a386c9bf 2445298 
openstack-dashboard_9.0.1-2_all.deb
 b0d895fc8662c0fb048af527c2b2d88b4f78b7e9a0c30a06870cbc9310073c5f 2208872 
python-django-horizon_9.0.1-2_all.deb
Files:
 f5be0804a949809d75543c6a49172374 4160 net extra horizon_9.0.1-2.dsc
 d12d57406d84915071ec1618c196ae6a 25900 net extra horizon_9.0.1-2.debian.tar.xz
 6866ddbf1b717b4430561040c1d02f61 1132944 doc extra horizon-doc_9.0.1-2_all.deb
 20cdf1d79cc1614fbef4cd2452275d47 13312 net extra 
openstack-dashboard-apache_9.0.1-2_all.deb
 fe7cd10acb3e6f3a19cba8683f5c142b 2445298 net extra 
openstack-dashboard_9.0.1-2_all.deb
 fc94acb5361312ac978406fc23ecbdf1 2208872 python extra 
python-django-horizon_9.0.1-2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXc8jSAAoJENQWrRWsa0P+NrUP/RYnDjb3P0e//tD721LtOkFx
KzvXIQ/4btqSMKWc83cPfF75kGVpLAMXdUCEGI5oS0b4rVWSIAV9N4Fv6bfnvhfh
Z5sbP4iB6/Wc8kTTrh557bU5QySz2G2Qcjh6SU/zSP4/j2R9TvJI8AGRhiMEr5P/
Ilx7L4hw1uFC4lNb0pcKqA7uyIzW8Smpdl5YZmaUtuizHUoJMHePViMKm/Pmon/p
usmeAD1yUQmof8VpNhFeFFBm6VT5AXEex0dn7c+8SgfyqLJmGGoL1JcWBWQccQSd
6ETgOSQCr+FEtxlEBAh+UbKjvH+qm3IHqJAKkNN5bmSHndP01UZWd2K8HlTVMU1V
BZ32TLGNrBHkQhrajWYyho300obzIcMy0+bElba5vYTaVSyLz/RbqVwM7ZAdgQHk
lwrKHDIUVrbLPfwZH3hsCu1L6N98xwaYkHFgiB2fzO8ApXwqSPK6szqtO7khsrk8
pgaGYOjq/Nkd8XQ25AdIXKzIQMx1Mjqd4PD5TvYaxB9aLtq3dx0jJ5Ir3VR53zg2
ctAb5XmkRwHQ7g1cdghHoDdj262HzSql8ScYbxxtjxWq/KZgJ4kAoQKMs6YAfOm0
9Rv3ENxCm+3X/Khs71mVGeUR+fDcekEurtFo89Wo9KnMdZD4WDxLx9XFoHgfEgT/
fjOHeK6uFs6iRQDXofA7
=+1xW
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to