========================================================================== Ubuntu Security Notice USN-4675-1 January 05, 2021 horizon vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: OpenStack Horizon could be made to redirect to a malicious URL. Software Description: - horizon: Web interface for OpenStack cloud infrastructure Details: Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: openstack-dashboard 3:18.3.2-0ubuntu0.20.04.4 Ubuntu 18.04 LTS: openstack-dashboard 3:13.0.3-0ubuntu2 Ubuntu 16.04 LTS: openstack-dashboard 2:9.1.2-0ubuntu5.2 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4675-1 CVE-2020-29565 Package Information: https://launchpad.net/ubuntu/+source/horizon/3:18.3.2-0ubuntu0.20.04.4 https://launchpad.net/ubuntu/+source/horizon/3:13.0.3-0ubuntu2 https://launchpad.net/ubuntu/+source/horizon/2:9.1.2-0ubuntu5.2