On 2026-02-17 17:10:27 +0100 (+0100), Salvatore Bonaccorso wrote: [...]
Just a small heads-up: The title mentions CVE-2026-24708, but the mail body once CVE-2026-24708 and refers to CVE-2026-24709. My understandign is that CVE-2026-24708 should be the correct one as this was the CVE originally mentioned.Jeremy, can you confirm: CVE-2026-2470*8* is the one to use?
Thanks for catching that! It slipped through code review, we should probably redesign our metadata to not need repetition of the CVE ID.
You are correct, CVE-2026-24708 is the identifier MITRE assigned. I'll issue errata shortly revising the publication accordingly. Thanks again!
-- Jeremy Stanley OpenStack Vulnerability Management Team https://security.openstack.org/vmt.html
signature.asc
Description: PGP signature
