Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Ubuntu 20.04 LTS USN-4675-1 Critical: OpenStack Horizon Redirect

Calendar Jan 05, 2021 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory software update Ubuntu ubuntu malicious redirect openstack OpenStack horizon redirect issue anomaly
OpenStack Horizon could be made to redirect to a malicious URL. 
=========================================================================Ubuntu Security Notice USN-4675-1
January 05, 2021

horizon vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

OpenStack Horizon could be made to redirect to a malicious URL.

Software Description:
- horizon: Web interface for OpenStack cloud infrastructure

Details:

Pritam Singh discovered that OpenStack Horizon incorrectly validated
certain parameters. An attacker could possibly use this issue to cause
OpenStack Horizon to redirect to a malicious URL.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  openstack-dashboard             3:18.3.2-0ubuntu0.20.04.4

Ubuntu 18.04 LTS:
  openstack-dashboard             3:13.0.3-0ubuntu2

Ubuntu 16.04 LTS:
  openstack-dashboard             2:9.1.2-0ubuntu5.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4675-1
  CVE-2020-29565

Package Information:
  https://launchpad.net/ubuntu/+source/horizon/3:18.3.2-0ubuntu0.20.04.4
  https://launchpad.net/ubuntu/+source/horizon/3:13.0.3-0ubuntu2
  https://launchpad.net/ubuntu/+source/horizon/2:9.1.2-0ubuntu5.2

Ubuntu 20.04 LTS USN-4675-1 Critical: OpenStack Horizon Redirect

ubuntu
Calendar Grey January 5, 2021
Dist Ubuntu Esm H88
The recent Ubuntu Security Notice USN-4675-1 highlights a vulnerability within OpenStack Horizon that may result in unauthorized redirects by malicious entities.
OpenStack Horizon could be made to redirect to a malicious URL.

Summary

Topics%20covered

Topics Covered

security advisory software update Ubuntu ubuntu malicious redirect openstack OpenStack horizon redirect issue anomaly

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: openstack-dashboard 3:18.3.2-0ubuntu0.20.04.4 Ubuntu 18.04 LTS: openstack-dashboard 3:13.0.3-0ubuntu2 Ubuntu 16.04 LTS: openstack-dashboard 2:9.1.2-0ubuntu5.2 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4675-1

CVE-2020-29565

Severity
critical
Lowest
Low
Medium
High
Critical

January 05, 2021

Topics%20covered

Topics Covered

security advisory software update Ubuntu ubuntu malicious redirect openstack OpenStack horizon redirect issue anomaly

Package Information

https://launchpad.net/ubuntu/+source/horizon/3:18.3.2-0ubuntu0.20.04.4 https://launchpad.net/ubuntu/+source/horizon/3:13.0.3-0ubuntu2 https://launchpad.net/ubuntu/+source/horizon/2:9.1.2-0ubuntu5.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here