[Openstack] [OSSA 2012-012] Horizon, Open redirect through 'next' parameter (CVE-2012-3540)
Kiall Mac Innes
kiall at managedit.ie
Thu Sep 13 15:41:26 UTC 2012
According to Russell's message - this bug only affects the essex/stable
branch.. No backport is necessary I guess..
Also - https://github.com/openstack/horizon/tree/stable/essex shows the
most recent commit is the commit/fix he linked to..
Thanks,
Kiall
On Thu, Sep 13, 2012 at 4:17 PM, andi abes <andi.abes at gmail.com> wrote:
> Has a fix for this been backported to essex/stable branch?
>
> On Thu, Aug 30, 2012 at 11:35 AM, Russell Bryant <rbryant at redhat.com>
> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > This advisory included the wrong CVE. It was CVE-2012-3540. Sorry
> > about that.
> >
> > On 08/30/2012 11:10 AM, Russell Bryant wrote:
> >> OpenStack Security Advisory: 2012-012 CVE: CVE-2012-3542
> >
> > This should have been CVE-2012-3540
> >
> >> Date: August 30, 2012 Title: Open redirect through 'next'
> >> parameter Impact: Medium Reporter: Thomas Biege (SUSE) Products:
> >> Horizon Affects: Essex (2012.1)
> >>
> >> Description: Thomas Biege from SUSE reported a vulnerability in
> >> Horizon authentication mechanism. By adding a malicious 'next'
> >> parameter to a Horizon authentication URL and enticing an
> >> unsuspecting user to follow it, the victim might get redirected
> >> after authentication to a malicious site where useful information
> >> could be extracted. Only setups running Essex are affected.
> >>
> >> Fixes: 2012.1:
> >>
> https://github.com/openstack/horizon/commit/35eada8a27323c0f83c400177797927aba6bc99b
> >>
> >> References:
> >> http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-3542
> >
> > This should have been:
> >
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-3540
> >
> >> https://bugs.launchpad.net/horizon/+bug/1039077
> >>
> >> Notes: This fix will be included in a future Essex (2012.1)
> >> release.
> >
> > - --
> > Russell Bryant
> > OpenStack Vulnerability Management Team
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.12 (GNU/Linux)
> > Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
> >
> > iEYEARECAAYFAlA/iDEACgkQFg9ft4s9SAbPBQCgndIk58K5ZF71PCxmWfDjV9MO
> > 4yoAoJDGBeqC4TbJnyo+AsEeQYeTQEe6
> > =zO6p
> > -----END PGP SIGNATURE-----
> >
> > _______________________________________________
> > Mailing list: https://launchpad.net/~openstack
> > Post to : openstack at lists.launchpad.net
> > Unsubscribe : https://launchpad.net/~openstack
> > More help : https://help.launchpad.net/ListHelp
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120913/e8a85ac8/attachment.html>
More information about the Openstack
mailing list