@pitti the dep on cherrypy3 is resolved (dropped), and the other MIR
criteria has been resolved. There is an open bug task for release notes
regarding insecure content.
Thanks.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to horizon
Promoted.
** Changed in: horizon (Ubuntu)
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to horizon in Ubuntu.
https://bugs.launchpad.net/bugs/914164
Title:
[MIR] horizon
To manage
See http://people.canonical.com/~ubuntu-archive/component-
mismatches.svg, this needs an additional MIR for cherrypy3.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to horizon in Ubuntu.
https://bugs.launchpad.net/bugs/914164
Title:
This: while an administrator should know that setting up horizon for
access over http:// would expose credentials, it would be good if the
settings pages warned if the user was accessing the urls via http:// in
some manner. If it is not fixed, it would be acceptable to mention it
in a release
I performed a shallow review of horizon:
CVE history: no, but the code is new. That said, upstream is very
responsive and the server team is committed to it and active with
upstream.
Embeds some jquery scripts from jquery-goodies (they are newer than what
is in the archive) in
** Changed in: horizon (Ubuntu)
Status: Incomplete = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to horizon in Ubuntu.
https://bugs.launchpad.net/bugs/914164
Title:
[MIR] horizon
To manage notifications about this
~ubuntu-server subscribed to bugmail.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to horizon in Ubuntu.
https://bugs.launchpad.net/bugs/914164
Title:
[MIR] horizon
To manage notifications about this bug go to: