SUSE-SU-2015:2064-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2015/suse-su-20152064-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:2064-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/SUSE-SU-2015:2064-1

Related

Published

2015-11-20T13:11:32Z

Modified

2015-11-20T13:11:32Z

Summary

Security update for openstack-dashboard

Details

This update provides fixes and enhancements for openstack-dashboard, crowbar-barclamp-novadashboard and python-djangoopenstack_auth.

openstack-dashboard:

Reset flavors for other than 'Boot from Image' source type. (bsc#945515)
Add deactivated status for glance image.
Fix TemplateSyntaxError at hypervisors view.
Fix addition of plugin panel to panel group.
Remove admin role name 'admin' hardcode. (bsc#935442)
Escape the description param from heat template. (bsc#933722, CVE-2015-3219)
Enhance policy rules to workflow actions and identity project.
Sanitation of metadata passed from Django to avoid persistent XSS. (bsc#931437, CVE-2015-3988)
Fix Terminate Instance on network topology page.
Show ports from shared nets in floating IP assoc.
Fix incorrect ca arguments for calling ceilometer client.
Fix dynamic select layout when help block is displayed.
Pass correct project ID to get tenant_usages. (bsc#928891)

crowbar-barclamp-nova_dashboard:

Allow switching on multidomain support. (bsc#945052)
Fix quoting of supportedprovidertypes. (bsc#936368)
Enable the POLICY_FILES setting configuration.
Fix attribute being fetched from wrong node. (bsc#936059)

python-djangoopenstackauth:

Remove admin role name 'admin' hardcode in User.is_superuser().

References

Affected packages

SUSE:OpenStack Cloud 5 / crowbar-barclamp-nova_dashboard

Package

Name: crowbar-barclamp-nova_dashboard
Purl: pkg:rpm/suse/crowbar-barclamp-nova_dashboard&distro=SUSE%20OpenStack%20Cloud%205

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.9+git.1443622531.b2b2939-9.3

Ecosystem specific

{
    "binaries": [
        {
            "openstack-dashboard": "2014.2.4~a0~dev12-13.2",
            "crowbar-barclamp-nova_dashboard": "1.9+git.1443622531.b2b2939-9.3",
            "python-django_openstack_auth": "1.1.7-11.3",
            "python-horizon": "2014.2.4~a0~dev12-13.2"
        }
    ]
}

SUSE:OpenStack Cloud 5 / openstack-dashboard

Package

Name: openstack-dashboard
Purl: pkg:rpm/suse/openstack-dashboard&distro=SUSE%20OpenStack%20Cloud%205

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2014.2.4~a0~dev12-13.2

Ecosystem specific

{
    "binaries": [
        {
            "openstack-dashboard": "2014.2.4~a0~dev12-13.2",
            "crowbar-barclamp-nova_dashboard": "1.9+git.1443622531.b2b2939-9.3",
            "python-django_openstack_auth": "1.1.7-11.3",
            "python-horizon": "2014.2.4~a0~dev12-13.2"
        }
    ]
}

SUSE:OpenStack Cloud 5 / python-django_openstack_auth

Package

Name: python-django_openstack_auth
Purl: pkg:rpm/suse/python-django_openstack_auth&distro=SUSE%20OpenStack%20Cloud%205

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.7-11.3

Ecosystem specific

{
    "binaries": [
        {
            "openstack-dashboard": "2014.2.4~a0~dev12-13.2",
            "crowbar-barclamp-nova_dashboard": "1.9+git.1443622531.b2b2939-9.3",
            "python-django_openstack_auth": "1.1.7-11.3",
            "python-horizon": "2014.2.4~a0~dev12-13.2"
        }
    ]
}