RHSA-2016:2933 - Security Advisory
Low: python-XStatic-jquery-ui security update
Security Advisory: Low
An update for python-XStatic-jquery-ui is now available for Red Hat OpenStack Platform 9.0 (Mitaka).
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The following packages have been upgraded to a newer upstream version: python-XStatic-jquery-ui (22.214.171.124). (BZ#1371012)
- It was found that a parameter of the dialog box feature of jQuery UI was vulnerable to cross site scripting. An attacker could use this flaw to execute a malicious script via the dialog box when it was displayed to a user. (CVE-2016-7103)
For details on how to apply this update, which includes the changes described in this advisory, refer to:
- Red Hat OpenStack 9 x86_64
- BZ - 1360286 - CVE-2016-7103 jquery-ui: cross-site scripting in dialog closeText
Red Hat OpenStack 9