From 680bb722e0c3307de45645e45054393102fb8afb Mon Sep 17 00:00:00 2001
From: Seunghun Lee <seunghun@stackhpc.com>
Date: Mon, 15 Apr 2024 12:00:18 +0100
Subject: [PATCH] Update Ubuntu horizon tag to fix CVE-2023-31122

---
 etc/kayobe/kolla-image-tags.yml                       | 2 ++
 releasenotes/notes/bump-horizon-694d426decbf7df3.yaml | 5 +++++
 2 files changed, 7 insertions(+)
 create mode 100644 releasenotes/notes/bump-horizon-694d426decbf7df3.yaml

diff --git a/etc/kayobe/kolla-image-tags.yml b/etc/kayobe/kolla-image-tags.yml
index 9ff72b2b0..9eeba0c83 100644
--- a/etc/kayobe/kolla-image-tags.yml
+++ b/etc/kayobe/kolla-image-tags.yml
@@ -12,6 +12,8 @@ kolla_image_tags:
   heat:
     rocky-9: 2023.1-rocky-9-20240319T134201
     ubuntu-jammy: 2023.1-ubuntu-jammy-20240319T134201
+  horizon:
+    ubuntu-jammy: 2023.1-ubuntu-jammy-20240402T104530
   letsencrypt:
     rocky-9: 2023.1-rocky-9-20240205T162323
     ubuntu-jammy: 2023.1-ubuntu-jammy-20240221T133905
diff --git a/releasenotes/notes/bump-horizon-694d426decbf7df3.yaml b/releasenotes/notes/bump-horizon-694d426decbf7df3.yaml
new file mode 100644
index 000000000..780797d9e
--- /dev/null
+++ b/releasenotes/notes/bump-horizon-694d426decbf7df3.yaml
@@ -0,0 +1,5 @@
+---
+security:
+  - |
+    Update Horizon on Ubuntu to include apache2 package ``2.4.52-1ubuntu4.8``
+    which fixes CVE-2023-31122.