[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index] [SECURITY] [DSA 6341-1] ironic security update To: debian-security-announce@lists.debian.org Subject: [SECURITY] [DSA 6341-1] ironic security update From: Moritz Muehlenhoff <jmm@debian.org> Date: Thu, 11 Jun 2026 18:49:36 +0000 Message-id: <[🔎] aisDQJnt4LDjReuB@seger.debian.org> Reply-to: debian-security-announce-request@lists.debian.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6341-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 11, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ironic CVE ID : CVE-2024-44082 CVE-2026-42997 CVE-2026-44916 CVE-2026-44917 CVE-2026-44919 CVE-2026-46447 CVE-2026-48681 Multiple security vulnerabilities were discovered in Ironic, the OpenStack component to manage and provision baremetal servers, which could result in information disclosure or denial of service. For the oldstable distribution (bookworm), these problems have been fixed in version 1:21.4.4-0+deb12u1. In addition python-oslo.messaging needed to be updated to 14.0.3-0+deb12u1. For the stable distribution (trixie), these problems have been fixed in version 1:29.0.5-0+deb13u2. In addition python-oslo.messaging needed to be updated to 16.1.0-3+deb13u1. We recommend that you upgrade your ironic packages. For the detailed security status of ironic please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ironic Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmorAx8ACgkQEMKTtsN8 TjYOXw/9EnXDkdfqQPWn6p04E/YA5rbPbqWOpmgD/0qmRPJE0P4zzNGiSje5VOqj f9TBAaxJPyxIuUQE0nzvVOQhWC4nFMZi5RSosVFiaqKoStKFkHFFx/3tjUAvWHUN QjFFRgwmrWx8jaGN+CPBi9sPdFnuXlc35s2+W5+idiw5HyTWjGCmwsIqucAbA+zY cciLqwE3FHf8dMrHr1x0+QSi+a0pvV4pHv3uGzKxV4bkERI9xzxUhD9ORjVvFfot 3RPuy8dzTMeyw6FVnlf8j3PVVIbPX3D+sn0RcHrFZ6lVN9Y2eYmj/5CPn/S/HwpI Z2Lr0HD+B+4y3olHwtJnquWSBNtbvxgNpMiw+xp3lWPbCNghw6oltdMrf+0O0TB4 GRV6fbZ+SstFAUsNI1LSs9xNr+5952947bLo6N5b94Rkc8LuWud5qIUd9s/k+1+N 7LfLJZLzj2+PwQP2Ul1N5ekIpwWu8qE+KBynFAeKfALYW62BSNjI71oJkO5q+Z8s xBGH7EIl8lr1I+GO6pROrfDhg7ThAaGSRg22xf2u+yzipyBUDpQN5nrKz53cjS8D jtLtmX8+j6Pm5HGqAvNojZYiIOm/xlGJdXVNKtUPtn/hbXmKXvEtlFUfygyQE9QR B1TiimpRa1hVWbfK/sVtVGE3jdnsmXjEgeYb5qcH47sCXZrBkcQ= =S8vT -----END PGP SIGNATURE----- Reply to: debian-security-announce@lists.debian.org Moritz Muehlenhoff (on-list) Moritz Muehlenhoff (off-list) Prev by Date: [SECURITY] [DSA 6340-1] neutron security update Previous by thread: [SECURITY] [DSA 6340-1] neutron security update Index(es): Date Thread