{"affected":[{"ecosystem_specific":{"binaries":[{"crowbar-barclamp-nova_dashboard":"1.9+git.1443622531.b2b2939-9.3","openstack-dashboard":"2014.2.4~a0~dev12-13.2","python-django_openstack_auth":"1.1.7-11.3","python-horizon":"2014.2.4~a0~dev12-13.2"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 5","name":"crowbar-barclamp-nova_dashboard","purl":"pkg:rpm/suse/crowbar-barclamp-nova_dashboard&distro=SUSE%20OpenStack%20Cloud%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.9+git.1443622531.b2b2939-9.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"crowbar-barclamp-nova_dashboard":"1.9+git.1443622531.b2b2939-9.3","openstack-dashboard":"2014.2.4~a0~dev12-13.2","python-django_openstack_auth":"1.1.7-11.3","python-horizon":"2014.2.4~a0~dev12-13.2"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 5","name":"openstack-dashboard","purl":"pkg:rpm/suse/openstack-dashboard&distro=SUSE%20OpenStack%20Cloud%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2014.2.4~a0~dev12-13.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"crowbar-barclamp-nova_dashboard":"1.9+git.1443622531.b2b2939-9.3","openstack-dashboard":"2014.2.4~a0~dev12-13.2","python-django_openstack_auth":"1.1.7-11.3","python-horizon":"2014.2.4~a0~dev12-13.2"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 5","name":"python-django_openstack_auth","purl":"pkg:rpm/suse/python-django_openstack_auth&distro=SUSE%20OpenStack%20Cloud%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.1.7-11.3"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update provides fixes and enhancements for openstack-dashboard,\ncrowbar-barclamp-nova_dashboard and python-django_openstack_auth.\n\nopenstack-dashboard:\n\n- Reset flavors for other than 'Boot from Image' source type. (bsc#945515)\n- Add deactivated status for glance image.\n- Fix TemplateSyntaxError at hypervisors view.\n- Fix addition of plugin panel to panel group.\n- Remove admin role name 'admin' hardcode. (bsc#935442)\n- Escape the description param from heat template. (bsc#933722, CVE-2015-3219)\n- Enhance policy rules to workflow actions and identity project.\n- Sanitation of metadata passed from Django to avoid persistent XSS. (bsc#931437, CVE-2015-3988)\n- Fix Terminate Instance on network topology page.\n- Show ports from shared nets in floating IP assoc.\n- Fix incorrect ca arguments for calling ceilometer client.\n- Fix dynamic select layout when help block is displayed.\n- Pass correct project ID to get tenant_usages. (bsc#928891)\n\ncrowbar-barclamp-nova_dashboard:\n\n- Allow switching on multidomain support. (bsc#945052)\n- Fix quoting of supported_provider_types. (bsc#936368)\n- Enable the POLICY_FILES setting configuration.\n- Fix attribute being fetched from wrong node. (bsc#936059)\n\npython-django_openstack_auth:\n\n- Remove admin role name 'admin' hardcode in User.is_superuser().\n","id":"SUSE-SU-2015:2064-1","modified":"2015-11-20T13:11:32Z","published":"2015-11-20T13:11:32Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20152064-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/928891"},{"type":"REPORT","url":"https://bugzilla.suse.com/931437"},{"type":"REPORT","url":"https://bugzilla.suse.com/933607"},{"type":"REPORT","url":"https://bugzilla.suse.com/933722"},{"type":"REPORT","url":"https://bugzilla.suse.com/935442"},{"type":"REPORT","url":"https://bugzilla.suse.com/936059"},{"type":"REPORT","url":"https://bugzilla.suse.com/936368"},{"type":"REPORT","url":"https://bugzilla.suse.com/945052"},{"type":"REPORT","url":"https://bugzilla.suse.com/945515"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3219"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-3988"}],"related":["CVE-2015-3219","CVE-2015-3988"],"summary":"Security update for openstack-dashboard","upstream":["CVE-2015-3219","CVE-2015-3988"]}