-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4820-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 27, 2020                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : horizon
CVE ID         : CVE-2020-29565
Debian Bug     : 976872

Pritam Singh discovered an open redirect in the workflow forms of
OpenStack Horizon.

For the stable distribution (buster), this problem has been fixed in
version 3:14.0.2-3+deb10u2.

We recommend that you upgrade your horizon packages.

For the detailed security status of horizon please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/horizon

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl/o0D0ACgkQEMKTtsN8
TjYb6Q//bfq3zB7+h+QXtxPswuevJs9WnjRLUboCrFNtr1LS1dy6dPJ3nX2E8xF4
MEzZ1n8y5D1CY+xThcxcz93eN9rOAOxpCAbLk/U+IE3tt/vsf2RKzNps5yPTXi/7
AlKqS1Wm2RsjzyqfsJtWIXGoBtdDvqR7tzMsQ4IugAYh6h+Z+KHAKF75pC1496ZE
Iy1lwS+ljDN5Zgs8T/I70qCB3ielz+aQRjkY2A64Omhg3j8ATo04y8Te+8VPMpXv
RA6h/Rk2z/dGjcf107uROkxN19UALuqO0aSkfBnWfeEr3SJIvO1KRWLhUPvBueaV
dezlOLPSk1SXHYRgk8rIV8I0ilQFYbit2Hv3uxf1afswzzIJYZsIMc0n2AKPQl5f
R8iF/ClG+lcttd2MX8xBqbcXqLCyD0eaTy2UotXGKaSfW74HE9ZaPhm0zkAlTAzu
ytH5fYGBftQYCHrzCsM7qqMRPjIbQICZ0tFVlWYSmDtJfFW3alcIXA0SNIFKPDAA
OUUgNIGOZej+y5jMOY7zyElMVHFO+R1TUxv1BmQtXyyt/IKsgpvCvMwk6v5Qok23
ABXhGlTih28xqMis62tdImMH20TL8b90wWJQUabNEOpHaH+xyG4jTvw7TT6PIZXl
4bliubXiL3J4pKYZiLNjEGxHJ9eCmawsWRKbM9NI/k0ywByB72M=
=pVga
-----END PGP SIGNATURE-----