Control: tag -1 pending

Hello,

Bug #1141716 in ironic reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/openstack-team/services/ironic/-/commit/180627818c4b8dc1c22e74cb7bf853b6089d8d20

------------------------------------------------------------------------
* CVE-2026-44918: multiple related vulnerabilities in Ironic RBAC. An
    authenticated project manager can change the node associated with Volume
    Connectors or Volume Target objects, potentially changing the project
    permitted to access the object. Volume Connectors contain secrets in
    environments configuring boot from volume with iSCSI volumes. Applied
    upstream patch: "Prevent rehoming resources to nodes with different owner".
    (Closes: #1141716).
  * CVE-2026-54423: A malicious user with access to deploy a node directly via
    Ironic can specify the IPMI `send_raw` deployment step with a malicious
    payload and send commands to that nodes' BMC. Applied upstream patches:
    - Add operator-configurable step disallow lists
    - block vendor.send_raw
    (Closes: #1141717).
------------------------------------------------------------------------

(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1141716

Reply via email to