OpenStack Dashboard (Horizon)

Update XStatic-jquery-ui to 1.13.0.1 to Address CVE-2021-41182

Bug #2070439 reported by Vishal Manchanda on 2024-06-26

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Dashboard (Horizon)	Fix Released	Undecided	Unassigned

Bug Description

Horizon is currently using XStatic-jquery-ui version 1.12.1.1, which is affected by a security vulnerability (CVE-2021-41182). It is recommended to update to version 1.13.0.1, which includes the fix for this issue [1].

[1] https://nvd.nist.gov/vuln/detail/CVE-2021-41182

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-07-18: Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/openstack/horizon/+/924383

Changed in horizon:
status:	New → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-07-23: Fix merged to horizon (master)

Reviewed: https://review.opendev.org/c/openstack/horizon/+/924383
Committed: https://opendev.org/openstack/horizon/commit/c7650f4c0cbe8b3b53f9c12eae8f4c5d484c29bf
Submitter: "Zuul (22348)"
Branch: master

commit c7650f4c0cbe8b3b53f9c12eae8f4c5d484c29bf
Author: manchandavishal <email address hidden>
Date: Thu Jul 18 12:59:12 2024 +0530

Update xstatic-jquery-ui min. version to include latest CVE fix

This patch updates xstatic-jquery-ui minimum version to ensure
the latest security vulnerabilities are addressed.

Closes-Bug: 2070439
Change-Id: I42efca2e4dcafc67ccadd6ff71d3da2e9b0fdd98

Changed in horizon:
status:	In Progress → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #2070440

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.