Format: 1.8
Date: Mon, 01 Jun 2026 09:59:53 +0200
Source: ironic
Architecture: source
Version: 1:29.0.5-0+deb13u2
Distribution: trixie-security
Urgency: medium
Maintainer: Debian OpenStack
Changed-By: Thomas Goirand
Closes: 1138842
Changes:
 ironic (1:29.0.5-0+deb13u2) trixie-security; urgency=medium
 .
   * CVE-2026-44917: Ironic does not validate the location of
     node.driver_info[pxe_template], allowing a user who can set it to expose
     arbitrary files on an internal Ironic network, such as the servicing,
     provisioning, or cleaning networks. Applied upstream patch:
     - CVE-2026-44917_disable-driver_info-level-pxe_template-override.patch
   * CVE-2026-46447: A user with access to add or modify node.driver_info or
     node.instance_info can create a crafted value to enable iPXE script
     execution during the boot process. Applied upstream patch:
     - CVE-2026-46447_Sanitize-kernel_append_parms.patch
   * CVE-2026-48681: A maliciously crafted ISO image can cause Ironic to
     perform path traversal and overwrite files on a conductor's disk.
     Applied upstream patch:
     - CVE-2026-48681-directory_transversal_ISO9660_support.patch
     (Closes: #1138842)