We are pleased to announce the release of: horizon 16.2.1: OpenStack Dashboard This release is part of the train stable release series. The source is available from: https://opendev.org/openstack/horizon Download the package from: https://tarballs.openstack.org/horizon/ Please report issues through: https://bugs.launchpad.net/horizon/+bugs For more details, please see below. 16.2.1 ^^^^^^ Security Issues *************** * An open redirect has been fixed, that could redirect users to arbitrary addresses from certain views by specifying a "next" parameter in the URL. Now the redirect will only work if the target URL is in the same domain, and uses the same protocol. Bug Fixes ********* * [:bug:`1744670`] Previously when a custom SSL CA is used horizon cannot retrieve volume and snapshot information from cinder. It is fixed now and a custom CA is handled properly in horizon when communicating with cinder. Changes in horizon 16.2.0..16.2.1 --------------------------------- 55bc44e93 Cap bandit for python 2.7 env 6c208edf3 Fix open redirect 2bdf22e7c Imported Translations from Zanata 68d4c5e78 Add custom SSL CA Cert support for api.cinder.get_microversion ca3884884 Imported Translations from Zanata 63214ab17 Fix use of ngettext in registry getName 7d4f76bc6 Define periodic jobs 8b5130050 Update geckodriver version to v0.27.0. e966e0f38 Add miss comma of "REST_API_REQUIRED_SETTINGS" list d83d58af1 Fix horizon-nodejs10-run jobs Diffstat (except docs and test files) ------------------------------------- .zuul.yaml | 6 + .../conf/resource-type-registry.service.js | 13 +- horizon/test/unit/workflows/test_workflows.py | 26 +- horizon/workflows/views.py | 12 +- lower-constraints.txt | 8 +- openstack_dashboard/api/cinder.py | 52 +++- .../dashboard/identity/domains/domains.module.js | 2 +- .../dashboard/identity/groups/groups.module.js | 2 +- .../dashboard/identity/roles/roles.module.js | 2 +- .../dashboard/identity/users/users.module.js | 2 +- .../project/containers/containers.module.js | 9 +- openstack_dashboard/defaults.py | 2 +- .../locale/cs/LC_MESSAGES/djangojs.po | 240 ++++++++++-------- .../locale/de/LC_MESSAGES/djangojs.po | 243 +++++++++--------- .../locale/en_AU/LC_MESSAGES/djangojs.po | 172 +++++++------ .../locale/en_GB/LC_MESSAGES/djangojs.po | 243 +++++++++--------- .../locale/eo/LC_MESSAGES/djangojs.po | 241 +++++++++--------- .../locale/es/LC_MESSAGES/djangojs.po | 239 +++++++++--------- .../locale/fr/LC_MESSAGES/djangojs.po | 248 +++++++++--------- .../locale/id/LC_MESSAGES/djangojs.po | 191 ++++++-------- .../locale/it/LC_MESSAGES/djangojs.po | 142 ++++++----- .../locale/ja/LC_MESSAGES/djangojs.po | 215 ++++++++-------- .../locale/ko_KR/LC_MESSAGES/djangojs.po | 214 ++++++++-------- .../locale/pt_BR/LC_MESSAGES/djangojs.po | 244 +++++++++--------- .../locale/ru/LC_MESSAGES/djangojs.po | 280 ++++++++++++--------- .../locale/tr_TR/LC_MESSAGES/djangojs.po | 238 +++++++++--------- .../locale/zh_CN/LC_MESSAGES/djangojs.po | 215 ++++++++-------- .../locale/zh_TW/LC_MESSAGES/djangojs.po | 212 ++++++++-------- .../static/app/core/flavors/flavors.module.js | 2 +- .../static/app/core/images/images.module.js | 2 +- .../static/app/core/keypairs/keypairs.module.js | 2 +- .../static/app/core/network_qos/qos.module.js | 3 +- .../app/core/server_groups/server-groups.module.js | 3 +- .../static/app/core/trunks/trunks.module.js | 2 +- .../static/app/resources/resources.module.js | 62 +++-- openstack_dashboard/test/test_data/cinder_data.py | 36 +++ openstack_dashboard/test/unit/api/test_cinder.py | 79 ++++++ playbooks/horizon-nodejs/pre.yaml | 6 + releasenotes/notes/bug-cd9099c1ba78d637.yaml | 7 + .../cinder-ssl-deployment-e4dcd6fc0027c96a.yaml | 7 + test-requirements.txt | 2 +- 43 files changed, 2146 insertions(+), 1786 deletions(-) Requirements updates -------------------- diff --git a/test-requirements.txt b/test-requirements.txt index ab6d9949b..55f248a02 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -13 +13 @@ astroid==2.1.0;python_version>='3.0' # LGPLv2.1 -bandit!=1.6.0,>=1.4.0 # Apache-2.0 +bandit!=1.6.0,>=1.4.0,<1.6.3 # Apache-2.0