From ffcc61b3d8b760b962bec8d0780c63cca56a8155 Mon Sep 17 00:00:00 2001
From: Ghe Rivero <ghe@debian.org>
Date: Tue, 17 Apr 2012 19:39:27 +0200
Subject: [PATCH] fix CVE_2012-2094

Rewritten-From: 4d2bcc69a337c0089b09c642afaf384c150b63d2
---
 xenial/debian/changelog             |  6 ++++++
 xenial/debian/patches/CVE_2012-2094 | 11 +++++++++++
 xenial/debian/patches/series        |  1 +
 3 files changed, 18 insertions(+)
 create mode 100644 xenial/debian/patches/CVE_2012-2094
 create mode 100644 xenial/debian/patches/series

diff --git a/xenial/debian/changelog b/xenial/debian/changelog
index 67eed6b..5d6001c 100644
--- a/xenial/debian/changelog
+++ b/xenial/debian/changelog
@@ -1,3 +1,9 @@
+horizon (2012.1-3) unstable; urgency=low
+
+  * Fixed CVE_2012-2094
+
+ -- Ghe Rivero <ghe.rivero@stackops.com>  Tue, 17 Apr 2012 19:38:18 +0200
+
 horizon (2012.1-2) unstable; urgency=low
 
   * Make openstack-dashboard depends on the same version of
diff --git a/xenial/debian/patches/CVE_2012-2094 b/xenial/debian/patches/CVE_2012-2094
new file mode 100644
index 0000000..6b9fb26
--- /dev/null
+++ b/xenial/debian/patches/CVE_2012-2094
@@ -0,0 +1,11 @@
+--- a/horizon/static/horizon/js/horizon.js
++++ b/horizon/static/horizon/js/horizon.js
+@@ -284,7 +284,7 @@
+         data: data,
+         method: 'get',
+         success: function(response_body) {
+-          $('pre.logs').html(response_body);
++          $('pre.logs').text(response_body);
+         },
+         error: function(response) {
+           if(via_user_submit) {
diff --git a/xenial/debian/patches/series b/xenial/debian/patches/series
new file mode 100644
index 0000000..ee073ee
--- /dev/null
+++ b/xenial/debian/patches/series
@@ -0,0 +1 @@
+CVE_2012-2094
-- 
2.45.2