lp:ubuntu/saucy-updates/horizon

Created by Ubuntu Package Importer on 2013-10-29 and last modified on 2014-05-05
Get this branch:
bzr branch lp:ubuntu/saucy-updates/horizon
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

61. By Jamie Strandboge on 2014-05-05

* SECURITY UPDATE: fix XSS in Heat template description and outputs
  parameters
  - LP: #1289033
  - CVE-2014-0157

60. By Jamie Strandboge on 2013-12-03

* SECURITY UPDATE: XSS in Volumes and Network Topology pages
  - debian/patches/CVE-2013-6406: html.escape() various items in
    volumes/tables.py and volume_snapshots/tables.py
  - CVE-2013-6406 (also referred to as CVE-2013-6858)
  - LP: #1247675

59. By Chuck Short on 2013-10-16

New upstream release candidate (LP: #1240665).

58. By Chuck Short on 2013-10-15

* New upstream release candidate. (#1239156)
* debian/README.compression: Updated documenation on how to
  refresh the static assets.

57. By James Page on 2013-10-04

* d/theme/css/ubuntu.css: Refresh Ubuntu theme against new Havana
  stylesheets, fixing network and chart layouts (LP: #1235249).
* d/openstack-dashboard.postinst: Allow horizon user to read and
  write data in /var/lib/openstack-dashboard inline with user and
  group permissions set in Apache configuration.

56. By James Page on 2013-10-03

[ James Page ]
* New upstream release candidate:
  - d/static: Refreshed static assets for 2013.2~rc1.
  - d/patches: Refreshed patches.

[ Chuck Short ]
* debian/control: Add python-lesscpy as a suggests to optionally
  support online compression of static assets (LP: #1226674).

55. By James Page on 2013-10-02

* Don't use /etc/openstack-dashboard for in-process generated data
  (LP: #1233752):
  - d/openstack-dashboard.{dirs,postinst}:
    + Create /var/lib/openstack-dashboard with restricted permissions,
      allowing www-data user to write a secret_key if need be.
    + Move /etc/openstack-dashboard/secret_key to correct location if
      it already exists.
  - d/p/ubuntu_settings.patch: Use /var/lib/openstack-dashboard for
    secret key storage instead of /etc/openstack-dashboard.

54. By Adam Gandelman on 2013-09-06

* New upstream release.
* debian/control: Minimum python-openstack-auth version >= 1.1.1.
* debian/control: Add python-troveclient.
* debian/static: Refresh static assets for 2013.2~b3.
* debian/patches: ubuntu_local_settings.patch -> ubuntu_settings.patch, also
  patch location of secret key in openstack_dashboard/settings.py

53. By Adam Gandelman on 2013-09-06

* debian/patches/ubuntu_local_settings.py: Set flexible
  default for ALLOWED_HOSTS that should be changed for production
  deployments (LP: #1214982).
* Fix (LP: #1216019):
  - debian/openstack-dashboard.{postinst, postrm}: Add/remove horizon
    user. Ensure /etc/openstack-dashbard ownership.
  - debian/openstack-dashboard.conf: Run WSGIDaemonProcess as user
    horizon, set WSGIProcessGroup to horizon.
  - debian/patches/ubuntu_local_settings.py: Generate and load secret
    key from /etc/openstack-dashboard/secret_key.

52. By James Page on 2013-09-02

* d/static/*: Refresh static assets for 2013.2~b2.
* d/rules: Tweak helper for refreshing static assets to link
  local_settings.py correctly.
* d/openstack-dashboard.p*: Fix typo in configuration file name,
  ensure consistent use of tabs/spaces.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/trusty/horizon
This branch contains Public information 
Everyone can see this information.

Subscribers