open-webui Ollama proxy route missing backend authorization check
Several Ollama proxy routes accept a caller-supplied url_idx path parameter and use it as a raw index into the OLLAMA_BASE_URLS list without verifying that the user is authorized to access that backend.
What changed
Because url_idx is never checked against what the caller is authorized to use, any authenticated user can route requests to any configured Ollama backend, including internal, higher-privilege, or disabled backends.
Who it affects
All deployments of open-webui <= 0.9.5 that use multiple Ollama backends or have backends with different privilege levels. Any authenticated user with read access to at least one model can exploit this.
What to do today
Upgrade to open-webui >= 0.9.6 immediately to apply the fix that validates backend access via validate_ollama_backend_idx().
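The pattern described above, as an added example that is neither open-webui's code nor its validate_ollama_backend_idx() implementation: a raw url_idx lookup next to a default-deny authorization check. The backend URLs, the BACKEND_POLICY table, the User type and both function names are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample configuration; the hostnames are placeholders.
OLLAMA_BASE_URLS = [
    "http://ollama-public.example:11434",
    "http://ollama-internal.example:11434",
    "http://ollama-disabled.example:11434",
]

# Hypothetical per-backend policy: enabled flag plus the groups allowed to use it.
BACKEND_POLICY = {
    0: {"enabled": True, "groups": {"users", "admins"}},
    1: {"enabled": True, "groups": {"admins"}},
    2: {"enabled": False, "groups": {"admins"}},
}


class BackendAccessError(Exception):
    """Raised when a caller may not use the requested backend."""


@dataclass(frozen=True)
class User:
    name: str
    groups: frozenset


def resolve_backend_unchecked(url_idx: int) -> str:
    # Pattern from the advisory: the path parameter is used as a raw list index,
    # so being authenticated is the only requirement to reach any backend.
    return OLLAMA_BASE_URLS[url_idx]


def resolve_backend_checked(user: User, url_idx: int) -> str:
    # Reject out-of-range values, including negatives, which Python list
    # indexing would otherwise resolve from the end of the list.
    if not 0 <= url_idx < len(OLLAMA_BASE_URLS):
        raise BackendAccessError("unknown backend index")
    policy = BACKEND_POLICY.get(url_idx)
    # Default deny: no policy entry, disabled backend, or no shared group.
    if policy is None or not policy["enabled"] or not (user.groups & policy["groups"]):
        raise BackendAccessError("backend not permitted for this user")
    return OLLAMA_BASE_URLS[url_idx]
```

The check belongs in one shared helper called by every route that accepts url_idx, so that no individual route can skip it.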