- Update to version horizon-2013.2.5.dev2.g9ee7273:
* fix Horizon login page DOS attack (bnc#908199, CVE-2014-8124)
* update version to 2013.2.5
* Updated from global requirements
* Pin docutils to 0.9.1
* Set python hash seed to 0 in tox.ini
* Check host is not none in each availability zone
* Fix XSS issue with the unordered_list filter (bnc#891815, CVE-2014-3594)
+ 0001-Use-default_project_id-for-v3-users.patch (manually)
* Replace UserManager with None in tests
* Update test-requirements to fix sphinx build_doc
* Fix multiple Cross-Site Scripting (XSS) vulnerabilities
(bnc#885588, CVE-2014-3473, CVE-2014-3474, CVE-2014-3475)
* Fix issues with importing the Login form

- Added bnc869696-admin_password_injection.patch that fixes

Bug 869696 - Admin password injection on Horizon Dashboard is broken.

- Update to version horizon-2013.2.4.dev8.g07c097f:
* Bug fix on neutron's API to return the correct target ID
* Fix display of images in Rebuild Instance
* Get instance networking information from Neutron
* Bump stable/havana next version to 2013.2.4
* Do not release FIP on disassociate action
* Introduces escaping in Horizon/Orchestration
2013.2.3 (bnc#871855, CVE-2014-0157)

- Update to version horizon-2013.2.3.dev8.g3d04c3c:
* Reduce number of novaclient calls
* Don't copy the flavorid when updating flavors
* Allow snapshots of paused and suspended instances
* Fixing tests to work with keystoneclient 0.6.0
* Bump stable/havana next version to 2013.2.3
+ Use upstream URL as source (enables verification)
+ Import translations for Havana 2013.2.2 udpate

- Update to version 2013.2.2.dev29.g96bd650:
+ Update Transifex resource name for havana
+ Fix inappropriate logouts on load-balanced Horizon

- Rebased patches:
+ 0001-Bad-workflow-steps-check-has_required_fields.patch dropped (merged upstream)

- Update to version 2013.2.2.dev25.g6508afd:
+ disable volume creation, when cinder is disabled
+ Bad workflow-steps check: has_required_fields
+ Specify tenant_id when retrieving LBaaS/VPNaaS resource

- Update to version 2013.2.2.dev19.g7a8eadc:
+ Give HealthMonitor a proper display name

- Add refresh_patches source service

- Update to version 2013.2.2.dev17.gaa55b24:
+ Common keystone version fallback
- Add refresh_patches source service
- Rebased patches:
+ 0001-Use-default_project_id-for-v3-users.patch (only offset)
+ 0001-Common-keystone-version-fallback.patch dropped (merged upstream)

- Move settings.py (default settings) to branding-upstream
subpackage: a branding package might want to change some default
settings.

- add 0001-Common-keystone-version-fallback.patch,
0001-Use-default_project_id-for-v3-users.patch

- Update to version 2013.2.2.dev15.g2b6dfa7:
+ fix help text in "Create An image" window
+ Change how scrollShift is calculated
+ unify keypair name handling

- Add 0001-Give-no-background-color-to-the-pie-charts.patch: do not
give a background color to pie charts.

- Update to version 2013.2.2.dev9.gc6d38a1:
+ Wrong marker sent to keystone

- Update to version 2013.2.2.dev7.g2e11482:
+ Adding management_url to test mock client

- add 0001-Bad-workflow-steps-check-has_required_fields.patch

- Make python-horizon require the 2013.2 version of
python-horizon-branding (and not the 2013.2.xyz version). This
makes it easier to create non-upstream branding; we already do
this for the other branding subpackage.

- Update to version 2013.2.2.dev6.g2c1f1f3:
+ Add check for BlockDeviceMappingV2 nova extension
+ Gracefully handle Users with no email attribute
+ Import install_venv from oslo
+ Bump stable/havana next version to 2013.2.2

- fix requires

- Update to version 2013.2.1.dev41.g9668e80:
+ Updated from global requirements

- put everything under /srv/www/openstack-dashboard

- Update to version 2013.2.1.dev40.g852e5c8:
+ Import translations for Havana 2013.2.1 udpate
+ Deleting statistics tables from resource usage page
+ Allow "Working" in spinner to be translatable
+ lbaas/horizon - adds tcp protocol choice when create lb
+ Fix a bug some optional field in LBaaS are mandatory
+ Fix bug so that escaped html is not shown in volume detach dialog
+ Role name should not be translated in Domain Groups dialog
+ Fix incomplete translation of "Update members" widget
+ Fix translatable string for "Injected File Path Bytes"
+ Add extra extension file to makemessage command line
+ Add contextual markers to BatchAction messages
+ Logging user out after self password change
+ Add logging configuration for iso8601 module
+ Ensure all compute meters are listed in dropdown
+ Fix bug by escaping strings from Nova before displaying them
(bnc#852175, CVE-2013-6858)

- add/use generic openstack-branding provides

- Update to version 2013.2.1.dev9.g842ba5f:
+ Fix default port of MS SQL in security group template
+ Provide missing hover hints for instance:<type> meters
+ translate text: "subnet"/"subnet details"
+ Change "Tenant" to "Project"
+ Avoid discarding precision of metering data

- Use Django's signed_cookies session backend like upstream and drop
the usage of cache_db
- No need to set SECRET_KEY anymore, upstream learned it too