Issued:: 2020-12-16
Updated:: 2020-12-16

RHSA-2020:5572 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: python-django-horizon security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for python-django-horizon is now available for Red Hat OpenStack
Platform 13 (Queens).

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

Description

OpenStack Dashboard (horizon) provides administrators and users with a
graphical interface to access, provision, and automate cloud-based
resources.

Security Fix(es):

python-django-horizon: dashboard allows open redirect (CVE-2020-29565)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

Solution

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat OpenStack for IBM Power 13 ppc64le
Red Hat OpenStack 13 x86_64

Fixes

BZ - 1811510 - CVE-2020-29565 python-django-horizon: dashboard allows open redirect

CVEs

CVE-2020-29565

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack for IBM Power 13

SRPM
python-django-horizon-13.0.3-7.el7ost.src.rpm	SHA-256: 452352b9db88fb3eb643d348d6a6068c5125d22136b6a41c78ac417f60db6bc4
ppc64le
openstack-dashboard-13.0.3-7.el7ost.noarch.rpm	SHA-256: 9a99b84f3fb8281033a7be6f0b555f47c732d6307c4ae2f552c827112011da4a
python-django-horizon-13.0.3-7.el7ost.noarch.rpm	SHA-256: d2df3e692b9bc7af388ba158bb6f70cf3b755a5f7ba9e98d414b70e3a60aad49

Red Hat OpenStack 13

SRPM
python-django-horizon-13.0.3-7.el7ost.src.rpm	SHA-256: 452352b9db88fb3eb643d348d6a6068c5125d22136b6a41c78ac417f60db6bc4
x86_64
openstack-dashboard-13.0.3-7.el7ost.noarch.rpm	SHA-256: 9a99b84f3fb8281033a7be6f0b555f47c732d6307c4ae2f552c827112011da4a
python-django-horizon-13.0.3-7.el7ost.noarch.rpm	SHA-256: d2df3e692b9bc7af388ba158bb6f70cf3b755a5f7ba9e98d414b70e3a60aad49

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation