Control: tag -1 pending Hello,
Bug #1029562 in cinder reported by you has been fixed in the Git repository and is awaiting an upload. You can see the commit message below and you can check the diff of the fix at: https://salsa.debian.org/openstack-team/services/cinder/-/commit/3797e3c3123ddfc6c126f971e27f294a91d877ac ------------------------------------------------------------------------ * CVE-2022-47951: By supplying a specially created VMDK flat image which references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server resulting in unauthorized access to potentially sensitive data. Add upstream patch CVE-2022-47951_Check_VMDK_subformat_against_an_allowed_list.patch (Closes: #1029562). ------------------------------------------------------------------------ (this message was generated automatically) -- Greetings https://bugs.debian.org/1029562
