Red Hat RHSA-2014:0581
May 29, 2014 - 12:00 a.m.

(RHSA-2014:0581) Low: python-django-horizon security update

2014-05-29 00:00:00
access.redhat.com

CVSS2: 4.3 Medium (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

EPSS: 0.002 Low (Percentile: 58.7%)

OpenStack Dashboard (horizon) provides administrators and users a graphical
interface to access, provision and automate cloud-based resources.
The dashboard allows cloud administrators to get an overall view of the
size and state of the cloud and it provides end-users a self-service portal
to provision their own resources within the limits set by administrators.

A flaw was discovered in OpenStack Dashboard that could allow a remote
attacker to conduct cross-site scripting (XSS) attacks if they were able to
trick a horizon user into using a malicious heat template. Note that only
setups exposing the orchestration dashboard in OpenStack Dashboard were
affected. (CVE-2014-0157)

Red Hat would like to thank the OpenStack project for reporting this issue.
Upstream acknowledges Cristian Fiorentino from Intel as the original
reporter.

All python-django-horizon users are advised to upgrade to these updated
packages, which correct this issue.
