Debian Security Advisory
DSA-4820-1 horizon -- security update
- Date Reported:
- 27 Dec 2020
- Affected Packages:
- horizon
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 976872.
In Mitre's CVE dictionary: CVE-2020-29565. - More information:
-
Pritam Singh discovered an open redirect in the workflow forms of OpenStack Horizon.
For the stable distribution (buster), this problem has been fixed in version 3:14.0.2-3+deb10u2.
We recommend that you upgrade your horizon packages.
For the detailed security status of horizon please refer to its security tracker page at: https://security-tracker.debian.org/tracker/horizon