diff -Nru horizon-13.0.3/debian/changelog horizon-13.0.3/debian/changelog --- horizon-13.0.3/debian/changelog 2021-01-05 14:50:31.000000000 +0000 +++ horizon-13.0.3/debian/changelog 2021-05-25 12:37:51.000000000 +0000 @@ -1,8 +1,8 @@ -horizon (3:13.0.3-0ubuntu2~cloud0) xenial-queens; urgency=medium +horizon (3:13.0.3-0ubuntu2~cloud1) xenial-queens; urgency=medium * New update for the Ubuntu Cloud Archive. - -- Openstack Ubuntu Testing Bot Tue, 05 Jan 2021 14:50:31 +0000 + -- Openstack Ubuntu Testing Bot Tue, 25 May 2021 12:37:51 +0000 horizon (3:13.0.3-0ubuntu2) bionic-security; urgency=medium diff -Nru horizon-13.0.3/debian/patches/CVE-2020-29565.patch horizon-13.0.3/debian/patches/CVE-2020-29565.patch --- horizon-13.0.3/debian/patches/CVE-2020-29565.patch 2020-12-08 21:00:52.000000000 +0000 +++ horizon-13.0.3/debian/patches/CVE-2020-29565.patch 2021-05-25 12:37:51.000000000 +0000 @@ -1,4 +1,4 @@ -From 9e0e333ab5277b6c396f602862ff90398cb0242b Mon Sep 17 00:00:00 2001 +From 8825407c1bbf4ea4de5a1dfb7a08cc687e2fe21e Mon Sep 17 00:00:00 2001 From: Radomir Dopieralski Date: Mon, 7 Sep 2020 21:03:36 +0200 Subject: [PATCH] Fix open redirect @@ -9,6 +9,9 @@ Conflicts: horizon/test/unit/workflows/test_workflows.py +Adapted to work with Django before 1.11 which only has a host argument, +instead of allowed_hosts for django.utils.http.is_safe_url(). + Change-Id: I06b2bfc8e3638591615547780c3fa34b0abe19f6 Closes-bug: #1865026 (cherry picked from commit 252467100f75587e18df9c43ed5802ee8f0017fa) @@ -22,7 +25,7 @@ create mode 100644 releasenotes/notes/bug-cd9099c1ba78d637.yaml diff --git a/horizon/test/unit/workflows/test_workflows.py b/horizon/test/unit/workflows/test_workflows.py -index 04b907b57..f3b152490 100644 +index 6ac215e22..04740b119 100644 --- a/horizon/test/unit/workflows/test_workflows.py +++ b/horizon/test/unit/workflows/test_workflows.py @@ -14,8 +14,8 @@ 
@@ -35,7 +38,7 @@ import six from horizon import exceptions -@@ -360,3 +360,27 @@ +@@ -360,3 +360,27 @@ class WorkflowsTests(test.TestCase): flow = TestWorkflow(req, entry_point="test_action_two") self.assertEqual("test_action_two", flow.get_entry_point()) @@ -64,10 +67,10 @@ + context = view.get_context_data() + self.assertIsNone(context['REDIRECT_URL']) diff --git a/horizon/workflows/views.py b/horizon/workflows/views.py -index 89ed1c044..35139f33c 100644 +index 0ce15a8f1..94bdbc35a 100644 --- a/horizon/workflows/views.py +++ b/horizon/workflows/views.py -@@ -18,6 +18,7 @@ +@@ -18,6 +18,7 @@ import json from django import forms from django import http from django import shortcuts @@ -75,7 +78,7 @@ from django.views import generic import six -@@ -92,8 +93,15 @@ +@@ -92,8 +93,15 @@ class WorkflowView(hz_views.ModalBackdropMixin, generic.TemplateView): workflow = self.get_workflow() workflow.verify_integrity() context[self.context_object_name] = workflow @@ -86,7 +89,7 @@ + # Make sure the requested redirect is safe + if redirect_to and not utils_http.is_safe_url( + url=redirect_to, -+ allowed_hosts=[self.request.get_host()]): ++ host=self.request.get_host()): + redirect_to = None + context['REDIRECT_URL'] = redirect_to + @@ -107,5 +110,5 @@ + Now the redirect will only work if the target URL is in the same domain, + and uses the same protocol. -- -2.29.2 +2.30.2
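Review bot: The switch to `host=self.request.get_host()` in the `horizon/workflows/views.py` hunk of CVE-2020-29565.patch is explained only in the patch header, so the code itself gives no hint why the older keyword is used. `host` was deprecated in Django 1.11 in favour of `allowed_hosts` and removed in 2.1, so I would add a comment above the call such as `# host= kept for Django < 1.11; use allowed_hosts=[...] once 1.11+ is the minimum`. The check also trusts `request.get_host()`, which is only as strict as the deployment's `ALLOWED_HOSTS`, and the call passes no `require_https`, so the release note's "uses the same protocol" wording appears stronger than what the visible code enforces. The enclosing method of `WorkflowView` starts and ends outside the hunk, so how `REDIRECT_URL` is consumed afterwards cannot be confirmed from here.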