Accepted glance 2:32.0.0~rc1-3 (source) into experimental

Debian FTP Masters Thu, 19 Mar 2026 09:20:00 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 19 Mar 2026 16:05:37 +0100
Source: glance
Architecture: source
Version: 2:32.0.0~rc1-3
Distribution: experimental
Urgency: medium
Maintainer: Debian OpenStack <[email protected]>
Changed-By: Thomas Goirand <[email protected]>
Closes: 1131274
Changes:
 glance (2:32.0.0~rc1-3) experimental; urgency=medium
 .
   * Server-Side Request Forgery (SSRF) vulnerabilities in Glance image import.
     By use of HTTP redirects, an authenticated user can bypass URL validation
     checks and redirect to internal services. Add upstream patch:
     - OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch.
     (Closes: #1131274).
Checksums-Sha1:
 b19a9dff14ffbc6a4d3d37ca164ce507c2e6f0aa 3735 glance_32.0.0~rc1-3.dsc
 1ab327b5081dbf6ca9c916ea8f1ba4b7354c90a6 27916 
glance_32.0.0~rc1-3.debian.tar.xz
 38a024a66ffeb9f90893ef76fffaeafafae875d3 19150 
glance_32.0.0~rc1-3_amd64.buildinfo
Checksums-Sha256:
 9efaeba18d61c6dcf25cd316bb227d498d487530be70c568ed5097324543a83a 3735 
glance_32.0.0~rc1-3.dsc
 cf1aa9f5e3e0abf760cc2deab8a4e99eb9100a27f466c601bbae770667849390 27916 
glance_32.0.0~rc1-3.debian.tar.xz
 9ec5624f16fbbf8fa7b024a5ccdf0d953056dd44300bbfcc63e3ce86f8d73f53 19150 
glance_32.0.0~rc1-3_amd64.buildinfo
Files:
 713160c7141fdf357f50c272fd5e7186 3735 net optional glance_32.0.0~rc1-3.dsc
 0761e4447ddc832a4fdb27fa68248c2f 27916 net optional 
glance_32.0.0~rc1-3.debian.tar.xz
 7d73fb1eae80cefa54545dd33b515fca 19150 net optional 
glance_32.0.0~rc1-3_amd64.buildinfo

pgpLWsM2hCemB.pgp
Description: PGP signature

Accepted glance 2:32.0.0~rc1-3 (source) into experimental

Reply via email to