CVE-2015-0259 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0259): OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage. *nova-2014.2.2-r1 (11 Mar 2015) 11 Mar 2015; Matthew Thode <prometheanfire@gentoo.org> +files/CVE-2015-0259-2014.2.2.patch, +nova-2014.2.2-r1.ebuild, -nova-2014.2.1.ebuild, -nova-2014.2.2.ebuild: fixing CVE-2015-0259
Closing noglsa for ~arch only.