-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 21 Jun 2024 09:19:56 +0200
Source: cinder
Architecture: source
Version: 2:21.3.1-1~deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1074763
Changes:
 cinder (2:21.3.1-1~deb12u1) bookworm-security; urgency=high
 .
   * New upstream release.
   * Drop CVE-2023-2088_Reject_unsafe_delete_attachment_calls.patch applied
     upstream.
   * Blacklist RBDISCSITestCase.test_unsupported_client_version().
   * Add add-params-thin_provisioning-equal-one.patch.
   * CVE-2024-32498: Arbitrary file access through custom QCOW2 external data.
     Add upstream patch (Closes: #1074763):
     - cve-2024-32498-cinder-stable-2023.1.patch
   * Build-depends on qemu-utils.
   * Correctly calls manage_glance_api_servers() in config script.
Checksums-Sha1:
 f1571dc5ed5def7e335624cf3c39185b7d0a87e1 4450 cinder_21.3.1-1~deb12u1.dsc
 b46d389cbe724b3f593646f2165f06f764da5cb4 4161296 cinder_21.3.1.orig.tar.xz
 42c5333a820ddad3ff54098754a11a0292b480a9 67164 cinder_21.3.1-1~deb12u1.debian.tar.xz
 cac2ce00f55a75dedc0350a09f982c6c523d61c4 20669 cinder_21.3.1-1~deb12u1_amd64.buildinfo
Checksums-Sha256:
 43e962eadb1821e58a52e479b14e8b282c8877b4358bc9b8bbd3adf3784dd2f2 4450 cinder_21.3.1-1~deb12u1.dsc
 11a30407dfe5167e0a96eee1e96d838b483c32d76eeb1274f68cb43290d5128d 4161296 cinder_21.3.1.orig.tar.xz
 fcfb8d4af0299c06d1ae715a36497e8712cd860a9b05cfa0242031468150a690 67164 cinder_21.3.1-1~deb12u1.debian.tar.xz
 89b674d95f99818a41d678d9b4d939612dca593c3a77807e0ab2da86ff402a1b 20669 cinder_21.3.1-1~deb12u1_amd64.buildinfo
Files:
 ec5779d2965d09ad0eb26b89371c1815 4450 net optional cinder_21.3.1-1~deb12u1.dsc
 14aa8b46b946beec32ca38d13e196ce5 4161296 net optional cinder_21.3.1.orig.tar.xz
 63cd23b24f3f3c93a5f876e1c78c23c9 67164 net optional cinder_21.3.1-1~deb12u1.debian.tar.xz
 4ac46ffab712e4425a95d96de90d0bb4 20669 net optional cinder_21.3.1-1~deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmbEkDEACgkQ1BatFaxr
Q/6bMw/+Np6911V9sMOznX8p2VRKtsdJ1as/kNHeEw70YQFaE19dkT/D4HWGhkgW
Ka8tf0TVNOrOB+Kc/1qlkyEanw8h16SgOK1RxjpbAFNfmZQQCbxftQGhqiUBHSEe
9aDDUfgI4rnx+372JmGC3kDbH+eUMLLfqWQootG0LpDeFkFRiFEuyWW6+mNWhw7D
zKtQgs7JmzT0BzfwS2RdgRkltoSHkKHxfMSVJ8oiYNFhOfHx3yS1OBt9TBQL8fpT
6e2uOo7zRlo1qoN+aWaeYi6IoepNrtmeNmRACUTKA5qTHVbaqWApBJCvoRcpm7ob
DZ9p3Uwj12021XPTSLrGl5w7o5556kJs751Q9ekXwC3ehWZhyOkswcjun4Q2pumA
KCKGyukeJj20nbLTjoW713i6qTW7HIbXZRxJ59aoCgw5f1+UcnlYrXcukO2fnFJJ
Oz8qo7areGldIbMUr3wGq9aPHJGusPibChSoFKP0NC5UjYW9/97JQe9Zb1RGeQRl
m3zOVcfvCUUof9TghKdbRZB6UlReCuGb4k/FsC3k3S/wcgH7N9h66DdJPDjAPD5m
Dv5fwR5Lbv9e2iFi2eKRX/xU9Un+JBYvPHPGYsbXmW4PIaLdbsnu331IVkEYHhHe
+JmTa40E7YS2W1H13We6jRuThWVZeoPeizlN6wJb5Wq2tV/QgIY=
=h3Sl
-----END PGP SIGNATURE-----