fix CVE_2012-2094

author Ghe Rivero <ghe@debian.org>

Tue, 17 Apr 2012 17:39:27 +0000 (19:39 +0200)

committer Ghe Rivero <ghe@debian.org>

Tue, 17 Apr 2012 17:39:27 +0000 (19:39 +0200)
author Ghe Rivero <ghe@debian.org>
Tue, 17 Apr 2012 17:39:27 +0000 (19:39 +0200)
committer Ghe Rivero <ghe@debian.org>
Tue, 17 Apr 2012 17:39:27 +0000 (19:39 +0200)
diff --git a/xenial/debian/changelog b/xenial/debian/changelog

index 67eed6b1802cbbab29e15b72725a195612a0b3c1..5d6001cf41ace690eb6056ef843abb5b01c7c74c 100644 (file)
--- a/xenial/debian/changelog
+++ b/xenial/debian/changelog
@@ -1,3 +1,9 @@
+horizon (2012.1-3) unstable; urgency=low
+
+  * Fixed CVE_2012-2094
+
+ -- Ghe Rivero <ghe.rivero@stackops.com>  Tue, 17 Apr 2012 19:38:18 +0200
+
  horizon (2012.1-2) unstable; urgency=low
  
    * Make openstack-dashboard depends on the same version of
diff --git a/xenial/debian/patches/CVE_2012-2094 b/xenial/debian/patches/CVE_2012-2094

new file mode 100644 (file)

index 0000000..6b9fb26
--- /dev/null
+++ b/xenial/debian/patches/CVE_2012-2094
@@ -0,0 +1,11 @@
+--- a/horizon/static/horizon/js/horizon.js
++++ b/horizon/static/horizon/js/horizon.js
+@@ -284,7 +284,7 @@
+         data: data,
+         method: 'get',
+         success: function(response_body) {
+-          $('pre.logs').html(response_body);
++          $('pre.logs').text(response_body);
+         },
+         error: function(response) {
+           if(via_user_submit) {
diff --git a/xenial/debian/patches/series b/xenial/debian/patches/series

new file mode 100644 (file)

index 0000000..ee073ee
--- /dev/null
+++ b/xenial/debian/patches/series
@@ -0,0 +1 @@
+CVE_2012-2094
author	Ghe Rivero <ghe@debian.org>
	Tue, 17 Apr 2012 17:39:27 +0000 (19:39 +0200)
committer	Ghe Rivero <ghe@debian.org>
	Tue, 17 Apr 2012 17:39:27 +0000 (19:39 +0200)
xenial/debian/changelog		patch \| blob \| history
xenial/debian/patches/CVE_2012-2094	[new file with mode: 0644]	patch \| blob
xenial/debian/patches/series	[new file with mode: 0644]	patch \| blob