Re: [SECURITY] [DLA 520-1] horizon security update

To: debian-lts@lists.debian.org
Cc: lamby@debian.org
Subject: Re: [SECURITY] [DLA 520-1] horizon security update
From: Raphael Hertzog <hertzog@debian.org>
Date: Sun, 19 Jun 2016 10:25:02 +0200
Message-id: <[🔎] 20160619082502.GB27028@home.ouaza.com>
Mail-followup-to: Raphael Hertzog <hertzog@debian.org>, debian-lts@lists.debian.org, lamby@debian.org
In-reply-to: <1466280759.1599170.641670833.6AC26B26@webmail.messagingengine.com>
References: <1466280759.1599170.641670833.6AC26B26@webmail.messagingengine.com>

Hi,

On Sat, 18 Jun 2016, Chris Lamb wrote:
> Package        : horizon
> Version        : 2012.1.1-10+deb7u1
> CVE ID         : CVE-2016-4428
> 
> It was discovered that there was an XSS vulnerability in horizon,
> a Django module providing web interaction with OpenStack.

┏x230-buxy:~/deb/lts/debian-security-support (master)
┗(547)$ grep horizon security-support-*
security-support-ended.deb7:horizon                 2012.1.1-10             2016-02-06  Not supported in Debian LTS (https://lists.debian.org/debian-lts/2015/11/msg00024.html)

All of Openstack is no longer support in Wheezy LTS. Please
don't spend time on unsupported packages.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Reply to:

Follow-Ups:
- Re: [SECURITY] [DLA 520-1] horizon security update
  - From: Chris Lamb <lamby@debian.org>

Prev by Date: Re: Analysis of nss CVE-2016-2834
Next by Date: Re: [SECURITY] [DLA 520-1] horizon security update
Previous by thread: Re: Analysis of nss CVE-2016-2834
Next by thread: Re: [SECURITY] [DLA 520-1] horizon security update
Index(es):
- Date
- Thread