)]}'
{"id":"openstack%2Fglance~981296","triplet_id":"openstack%2Fglance~stable%2F2026.1~Ib8d337dc68411d18c70d5712cc4f0986ef6205f4","project":"openstack/glance","branch":"stable/2026.1","topic":"bug-2138602-ssrf","attention_set":{},"removed_from_attention_set":{"8122":{"account":{"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},"last_update":"2026-03-21 00:42:31.000000000","reason":"Change was submitted"},"9303":{"account":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"last_update":"2026-03-21 00:42:31.000000000","reason":"Change was submitted"}},"hashtags":[],"change_id":"Ib8d337dc68411d18c70d5712cc4f0986ef6205f4","subject":"Fix SSRF vulnerabilities in image import API","status":"MERGED","created":"2026-03-19 14:37:33.000000000","updated":"2026-03-21 00:43:33.000000000","submitted":"2026-03-21 00:42:31.000000000","submitter":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"total_comment_count":3,"unresolved_comment_count":0,"has_review_started":true,"submission_id":"981296-bug-2138602-ssrf","meta_rev_id":"04a0aa2e18d90c889d365d807452c16593d7aef7","_number":981296,"virtual_id_number":981296,"owner":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"actions":{},"labels":{"Verified":{"approved":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"all":[{"tag":"autogenerated:zuul:gate","value":2,"date":"2026-03-21 00:42:31.000000000","permitted_voting_range":{"min":2,"max":2},"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},{"value":0,"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},{"value":0,"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"}],"values":{"-2":"Fails","-1":"Doesn\u0027t seem to work"," 0":"No score","+1":"Works for me","+2":"Verified"},"description":"","default_value":0,"optional":true},"Code-Review":{"approved":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"all":[{"value":0,"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},{"value":0,"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},{"value":2,"date":"2026-03-20 14:23:29.000000000","permitted_voting_range":{"min":2,"max":2},"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"}],"values":{"-2":"Do not merge","-1":"This patch needs further work before it can be merged"," 0":"No score","+1":"Looks good to me, but someone else must approve","+2":"Looks good to me (core reviewer)"},"description":"","default_value":0,"optional":true},"Workflow":{"approved":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"all":[{"value":0,"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},{"value":0,"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},{"value":1,"date":"2026-03-20 13:01:57.000000000","permitted_voting_range":{"min":1,"max":1},"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"}],"values":{"-1":"Work in progress"," 0":"Ready for reviews","+1":"Approved"},"description":"","default_value":0,"optional":true},"Review-Priority":{"all":[{"value":0,"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},{"value":0,"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},{"value":0,"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"}],"values":{"-1":"Branch Freeze"," 0":"No Priority","+1":"Important Change","+2":"Top Priority / Holds Gate"},"description":"","default_value":0,"optional":true}},"removable_reviewers":[],"reviewers":{"REVIEWER":[{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},{"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]}]},"pending_reviewers":{},"reviewer_updates":[{"updated":"2026-03-19 14:40:44.000000000","updated_by":{"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},"reviewer":{"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},"state":"REVIEWER"},{"updated":"2026-03-19 14:51:29.000000000","updated_by":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"reviewer":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"state":"REVIEWER"},{"updated":"2026-03-20 13:01:57.000000000","updated_by":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"reviewer":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"state":"REVIEWER"}],"messages":[{"id":"a644edfadc0202e0861dbb292a7dc1eb2f573246","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"date":"2026-03-19 14:37:33.000000000","message":"Uploaded patch set 1.","accounts_in_message":[],"_revision_number":1},{"id":"9c6725a0ab66d284b28538dd2dc760c3a6efd305","author":{"_account_id":8122,"name":"Cyril Roelandt","email":"cyril@redhat.com","username":"cyril.roelandt.enovance"},"date":"2026-03-19 14:40:44.000000000","message":"Patch Set 1: Code-Review+2 Workflow+1","accounts_in_message":[],"_revision_number":1},{"id":"cc23232664353d63ce17068358fa7c7cb1529bce","tag":"autogenerated:zuul:check","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-19 14:51:29.000000000","message":"Patch Set 1: Verified-1\n\nBuild failed (check pipeline).  For information on how to proceed, see\nhttps://docs.opendev.org/opendev/infra-manual/latest/developers.html#automated-testing\nand https://docs.openstack.org/project-team-guide/testing.html#how-to-handle-test-failures\n\nhttps://zuul.opendev.org/t/openstack/buildset/5616d20f5d8741bc8e2c859e837400b7\n\n- openstack-tox-pep8 https://zuul.opendev.org/t/openstack/build/8e72aa57c9284758876b3711c302c00b : SUCCESS in 4m 54s\n- openstack-tox-py310 https://zuul.opendev.org/t/openstack/build/569446d83ffb446db183cee0c8e89166 : SUCCESS in 4m 39s\n- openstack-tox-py313 https://zuul.opendev.org/t/openstack/build/d9523a28219745d5b6b2a578ded778d6 : SUCCESS in 6m 45s\n- openstack-tox-docs https://zuul.opendev.org/t/openstack/build/ef1b40a1d31d4602945885549eccbe1e : SUCCESS in 7m 25s\n- build-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/5df53c463ec443f894a9eeb252e22232 : FAILURE in 4m 51s\n- openstack-tox-functional-py310 https://zuul.opendev.org/t/openstack/build/12145265656d40b390e65d5dc094d6f0 : SUCCESS in 7m 22s\n- openstack-tox-functional-py313 https://zuul.opendev.org/t/openstack/build/2caf214dde4b4dfb8f149bed39669583 : SUCCESS in 4m 37s","accounts_in_message":[],"_revision_number":1},{"id":"29619ab818c7c479372d3cbb25d3e2b5db99ee8b","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"date":"2026-03-19 15:24:31.000000000","message":"Uploaded patch set 2.\n\nOutdated Votes:\n* Code-Review+2 (copy condition: \"changekind:TRIVIAL_REBASE OR is:MIN\")\n* Verified-1\n* Workflow+1\n","accounts_in_message":[],"_revision_number":2},{"id":"670a551aae61eb24614e1f07fc5b51c44ce4a044","tag":"autogenerated:zuul:check","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-19 15:37:41.000000000","message":"Patch Set 2: Verified+1\n\nBuild succeeded (check pipeline).\nhttps://zuul.opendev.org/t/openstack/buildset/52ad84224eb749989efbe109d0b21432\n\n- openstack-tox-pep8 https://zuul.opendev.org/t/openstack/build/1beb85a469114f718e7310ba9705a1fc : SUCCESS in 5m 15s\n- openstack-tox-py310 https://zuul.opendev.org/t/openstack/build/72c1b8929fd942358138b8350611866a : SUCCESS in 5m 39s\n- openstack-tox-py313 https://zuul.opendev.org/t/openstack/build/888a3416d1494f038c09f990f2c6fd0f : SUCCESS in 7m 23s\n- openstack-tox-docs https://zuul.opendev.org/t/openstack/build/3b2af8e7f8b24a5881ae5fb75975f9be : SUCCESS in 6m 15s\n- build-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/e47118ce5c854f40840484f83aa4c180 : SUCCESS in 7m 18s\n- openstack-tox-functional-py310 https://zuul.opendev.org/t/openstack/build/13616eeeee454786bd581ca5adee5fc2 : SUCCESS in 8m 39s\n- openstack-tox-functional-py313 https://zuul.opendev.org/t/openstack/build/e62344db7d624deabb29c13196b78caa : SUCCESS in 6m 39s","accounts_in_message":[],"_revision_number":2},{"id":"20a8d53325c32d839a327f6e60ee9947b631c220","tag":"autogenerated:gerrit:newPatchSet","author":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"date":"2026-03-19 17:15:52.000000000","message":"Patch Set 3: Commit message was updated.\n\nOutdated Votes:\n* Verified+1\n","accounts_in_message":[],"_revision_number":3},{"id":"f87aa71ce42402355745acf60878ea560acfe6f8","tag":"autogenerated:zuul:check","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-19 17:29:43.000000000","message":"Patch Set 3: Verified+1\n\nBuild succeeded (check pipeline).\nhttps://zuul.opendev.org/t/openstack/buildset/3f2233159f2f49debe23bff825978bbb\n\n- openstack-tox-pep8 https://zuul.opendev.org/t/openstack/build/05fbb238a2e74c8999a3e022fdc714b8 : SUCCESS in 5m 34s\n- openstack-tox-py310 https://zuul.opendev.org/t/openstack/build/735dcf86a94b422d8ba27ac8377c6ee7 : SUCCESS in 4m 53s\n- openstack-tox-py313 https://zuul.opendev.org/t/openstack/build/199ccd81072d4a5d9a00573c4587990d : SUCCESS in 4m 35s\n- openstack-tox-docs https://zuul.opendev.org/t/openstack/build/5abf9241334b480ab7deb149b6998bbb : SUCCESS in 5m 28s\n- build-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/01805a177d274d7db64a9b94cff95b90 : SUCCESS in 7m 43s\n- openstack-tox-functional-py310 https://zuul.opendev.org/t/openstack/build/8151ce48091048b39b96e601b7fa3bf0 : SUCCESS in 6m 32s\n- openstack-tox-functional-py313 https://zuul.opendev.org/t/openstack/build/6c13dbfc7ffe443aa2a1b269c3ef6cd5 : SUCCESS in 7m 29s","accounts_in_message":[],"_revision_number":3},{"id":"d0d2a8ff3cdf10b155ca3d7cb5289a8a0b2d7012","author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"date":"2026-03-20 13:01:57.000000000","message":"Patch Set 3: Workflow+1\n\n(1 comment)","accounts_in_message":[],"_revision_number":3},{"id":"10da76670d3fef6d7d270fd11d786cdd51208938","tag":"autogenerated:gerrit:setTopic","author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"date":"2026-03-20 13:05:29.000000000","message":"Topic set to bug-2138602-ssrf","accounts_in_message":[],"_revision_number":3},{"id":"c89c8e5766816adb510fdab6b88335b316b02598","author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"date":"2026-03-20 14:23:29.000000000","message":"Patch Set 3: Code-Review+2\n\n(1 comment)","accounts_in_message":[],"_revision_number":3},{"id":"bc4caf8ae8bd777abb63dd1395af38c5ff3b076f","tag":"autogenerated:zuul:gate","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-20 14:23:44.000000000","message":"Patch Set 3: -Verified\n\nStarting gate jobs.","accounts_in_message":[],"_revision_number":3},{"id":"ac683dce8c00c7752d4276add76497b8837b941a","tag":"autogenerated:zuul:gate","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-20 17:00:44.000000000","message":"Patch Set 3: Verified-2\n\nBuild failed (gate pipeline).  For information on how to proceed, see\nhttps://docs.opendev.org/opendev/infra-manual/latest/developers.html#automated-testing\n\nhttps://zuul.opendev.org/t/openstack/buildset/328e0d2cf5504168beca7e18a595a4c0\n\n- openstack-tox-pep8 https://zuul.opendev.org/t/openstack/build/4d429a0f5a50434ba8422b4527001c74 : SUCCESS in 3m 01s\n- openstack-tox-py310 https://zuul.opendev.org/t/openstack/build/c36f068fdeca41528434fc4af1378bd7 : SUCCESS in 5m 25s\n- openstack-tox-py313 https://zuul.opendev.org/t/openstack/build/39a2bb1bcf0d4753bc918c25cc092969 : POST_FAILURE in 11m 12s\n- openstack-tox-docs https://zuul.opendev.org/t/openstack/build/53763d5a7f294d048c7767513b229eb1 : SUCCESS in 5m 54s\n- build-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/a46a78ad1daa49ea85313a37bc2f455f : POST_FAILURE in 12m 45s\n- openstack-tox-functional-py310 https://zuul.opendev.org/t/openstack/build/bc3b41d4ed3e4828a69cae7804e9122c : SUCCESS in 6m 16s\n- openstack-tox-functional-py313 https://zuul.opendev.org/t/openstack/build/c460b9ea11524e399ba236ddfaccca58 : SUCCESS in 5m 03s","accounts_in_message":[],"_revision_number":3},{"id":"992ce57d3bd3b337f77fabef528edd2bcd347b66","author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"date":"2026-03-20 19:29:02.000000000","message":"Patch Set 3:\n\n(1 comment)","accounts_in_message":[],"_revision_number":3},{"id":"ad5adf3d2617fcae58d0be8abd501f04c668e4ba","tag":"autogenerated:zuul:check","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-20 22:11:27.000000000","message":"Patch Set 3: Verified+1\n\nBuild succeeded (check pipeline).\nhttps://zuul.opendev.org/t/openstack/buildset/bd4018f257f044b59b0e8e6f0cfcc034\n\n- grenade https://zuul.opendev.org/t/openstack/build/aca986dadd90433ebf83e093fb306de8 : SUCCESS in 1h 04m 36s\n- tempest-integrated-storage https://zuul.opendev.org/t/openstack/build/92c7b6cbee4b4279a05ce3865a6c241b : SUCCESS in 1h 39m 00s\n- openstacksdk-functional-devstack https://zuul.opendev.org/t/openstack/build/1cac31d9d37a447bb93ed1a3826149da : SUCCESS in 47m 12s\n- openstack-tox-pep8 https://zuul.opendev.org/t/openstack/build/73525987d1fa459faeea3bd5bdea8540 : SUCCESS in 4m 28s\n- openstack-tox-py310 https://zuul.opendev.org/t/openstack/build/95fd8e33a07e4bc6b3ff51f77a04c259 : SUCCESS in 4m 29s\n- openstack-tox-py313 https://zuul.opendev.org/t/openstack/build/be758d9afc6a4d4ab9fd0af13e903d26 : SUCCESS in 5m 44s\n- openstack-tox-docs https://zuul.opendev.org/t/openstack/build/a420a4164b7c432195df69ab52fddaec : SUCCESS in 6m 30s\n- build-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/c1ecef905efe466e888c8087960026e7 : SUCCESS in 6m 00s\n- openstack-tox-functional-py310 https://zuul.opendev.org/t/openstack/build/040d4bd1d9f64e9bb340ec2bfa89f296 : SUCCESS in 6m 09s\n- openstack-tox-functional-py313 https://zuul.opendev.org/t/openstack/build/e975bc51795b4fa7a8143db67641b1fc : SUCCESS in 5m 43s\n- glance-ceph-thin-provisioning https://zuul.opendev.org/t/openstack/build/cd1ce6a5256041219704c1c5f9942fd6 : SUCCESS in 1h 05m 37s (non-voting)\n- tempest-integrated-storage-enforce-scope-new-defaults https://zuul.opendev.org/t/openstack/build/4c592b6ee3c544d9827ccad0507d841d : SUCCESS in 2h 22m 55s\n- tempest-integrated-storage-import https://zuul.opendev.org/t/openstack/build/4f5fce40afe3435fb76dada775a07ba2 : SUCCESS in 2h 27m 01s\n- glance-multistore-cinder-import https://zuul.opendev.org/t/openstack/build/c89d76dad1ec4223a9bce63205350c5e : SUCCESS in 2h 41m 47s\n- tempest-ipv6-only https://zuul.opendev.org/t/openstack/build/480c3dc4e4e64ad4b7c76495183e53a0 : SUCCESS in 1h 07m 22s\n- nova-ceph-multistore https://zuul.opendev.org/t/openstack/build/9ab4ef672574456aa280f39608daa23d : SUCCESS in 1h 52m 15s\n- glance-grenade-centralized-cache https://zuul.opendev.org/t/openstack/build/117583f294724074909eec32588a95d0 : FAILURE in 22m 01s (non-voting)\n- glance-s3-multistore https://zuul.opendev.org/t/openstack/build/375a423a06a141e78ece8ab8dd8621b1 : SUCCESS in 1h 51m 05s (non-voting)\n- glance-secure-rbac-protection-functional https://zuul.opendev.org/t/openstack/build/5dcbbfc8f8a547108d143159221a2ac8 : SUCCESS in 23m 40s","accounts_in_message":[],"_revision_number":3},{"id":"2699a8bb7d11560d4d6756cbbf338c17d7b4a0f7","tag":"autogenerated:zuul:gate","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-20 22:12:00.000000000","message":"Patch Set 3: -Verified\n\nStarting gate jobs.","accounts_in_message":[],"_revision_number":3},{"id":"5744d64d17c78c3e43e9efbdb6ddfcb719681b08","tag":"autogenerated:zuul:gate","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-21 00:42:31.000000000","message":"Patch Set 3: Verified+2\n\nBuild succeeded (gate pipeline).\nhttps://zuul.opendev.org/t/openstack/buildset/35b3dd34e3ec451d8ddd7e3bc03a617c\n\n- grenade https://zuul.opendev.org/t/openstack/build/d1de50e9c18f4e268e15b010bac5e169 : SUCCESS in 56m 45s\n- tempest-integrated-storage https://zuul.opendev.org/t/openstack/build/850f5a39780244f48f2d7427a21ef01e : SUCCESS in 2h 00m 47s\n- openstacksdk-functional-devstack https://zuul.opendev.org/t/openstack/build/13e16a380259406084be17494a9588f6 : SUCCESS in 32m 20s\n- openstack-tox-pep8 https://zuul.opendev.org/t/openstack/build/900849079c9c448eabc0e2d336c27e96 : SUCCESS in 6m 01s\n- openstack-tox-py310 https://zuul.opendev.org/t/openstack/build/bd396162b82f4e2fbd3c8fcf8cd0bfbc : SUCCESS in 4m 11s\n- openstack-tox-py313 https://zuul.opendev.org/t/openstack/build/ebceb0cfc79c498885a0ce91212b3165 : SUCCESS in 4m 45s\n- openstack-tox-docs https://zuul.opendev.org/t/openstack/build/8c12dd21d5dc4021a342717b403d9991 : SUCCESS in 5m 17s\n- build-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/866fd3fffc314940b88aefb5dff13a77 : SUCCESS in 7m 26s\n- openstack-tox-functional-py310 https://zuul.opendev.org/t/openstack/build/0644742ca703434993f964c076ed3029 : SUCCESS in 6m 40s\n- openstack-tox-functional-py313 https://zuul.opendev.org/t/openstack/build/2c1e6874e24d4f8bae40b83f8ea11760 : SUCCESS in 5m 15s\n- tempest-integrated-storage-enforce-scope-new-defaults https://zuul.opendev.org/t/openstack/build/05dd49a2894d411ebaf77646b25580d2 : SUCCESS in 2h 00m 04s\n- tempest-integrated-storage-import https://zuul.opendev.org/t/openstack/build/034f559ba69a4081a373d2c1ae4219bb : SUCCESS in 1h 42m 55s\n- tempest-ipv6-only https://zuul.opendev.org/t/openstack/build/b1f8def9877a4132b05a3589786a2da3 : SUCCESS in 1h 04m 32s\n- nova-ceph-multistore https://zuul.opendev.org/t/openstack/build/d035bc8ded5445d4a72b12edae3ebe63 : SUCCESS in 54m 32s\n- glance-secure-rbac-protection-functional https://zuul.opendev.org/t/openstack/build/ce07f4819cc9461c96b1ad8ae071dfe3 : SUCCESS in 34m 18s","accounts_in_message":[],"_revision_number":3},{"id":"d01d239af400b494cf2c5294a6f70a055db658ed","tag":"autogenerated:gerrit:merged","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-21 00:42:31.000000000","message":"Change has been successfully merged","accounts_in_message":[],"_revision_number":3},{"id":"04a0aa2e18d90c889d365d807452c16593d7aef7","tag":"autogenerated:zuul:promote","author":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]},"date":"2026-03-21 00:43:33.000000000","message":"Patch Set 3:\n\nBuild succeeded (promote pipeline).\nhttps://zuul.opendev.org/t/openstack/buildset/a43e6400aa5b4d58ac183e1196da3d54\n\n- promote-openstack-tox-docs https://zuul.opendev.org/t/openstack/build/149843d9a2264cab8546f7f96da9d334 : SUCCESS in 53s\n- promote-openstack-releasenotes https://zuul.opendev.org/t/openstack/build/9fb01c2b59784537aafd1463d2ac96ef : SUCCESS in 50s","accounts_in_message":[],"_revision_number":3}],"current_revision_number":3,"current_revision":"07dd0a203b6883efa66486035c436b92c83da0f3","revisions":{"829d69ad5339986142806dc99a4cef744b2e9f37":{"kind":"REWORK","_number":1,"created":"2026-03-19 14:37:33.000000000","uploader":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"ref":"refs/changes/96/981296/1","fetch":{"anonymous http":{"url":"https://review.opendev.org/openstack/glance","ref":"refs/changes/96/981296/1","commands":{"Checkout":"git fetch https://review.opendev.org/openstack/glance refs/changes/96/981296/1 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://review.opendev.org/openstack/glance refs/changes/96/981296/1 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://review.opendev.org/openstack/glance refs/changes/96/981296/1 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://review.opendev.org/openstack/glance refs/changes/96/981296/1"}}},"commit":{"parents":[{"commit":"7e243d5f13cf31ac53538604313355f747daa834","subject":"Update TOX_CONSTRAINTS_FILE for stable/2026.1","web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/glance/commit/7e243d5f13cf31ac53538604313355f747daa834"}]}],"author":{"name":"Abhishek Kekane","email":"akekane@redhat.com","date":"2026-01-20 19:02:08.000000000","tz":0},"committer":{"name":"Abhishek Kekane","email":"akekane@redhat.com","date":"2026-03-19 14:36:13.000000000","tz":0},"subject":"Fix SSRF vulnerabilities in image import API","message":"Fix SSRF vulnerabilities in image import API\n\nFixed Server-Side Request Forgery (SSRF) vulnerabilities in Glance\u0027s image\nimport functionality that could allow attackers to bypass URL validation\nand access internal resources.\n\nThe fix includes:\n- IP address validation using Python\u0027s ipaddress module to reject encoded\n  IP formats (decimal, hexadecimal, octal) that could bypass blacklist checks\n- HTTP redirect validation for web-download, glance-download, and OVF\n  processing to prevent redirect-based SSRF attacks\n- URI validation for OVF processing which previously had no protection\n\nThe implementation uses Python\u0027s built-in ipaddress module which inherently\nrejects all non-standard IP encodings and only accepts standard formats,\nproviding robust protection against IP encoding bypass attacks.\n\nAssisted-by: Used Cursor (Auto) for unit tests.\n\nCloses-Bug: #2138602\nCloses-Bug: #2138672\nCloses-Bug: #2138675\nSecurityImpact\n\nChange-Id: Ib8d337dc68411d18c70d5712cc4f0986ef6205f4\nSigned-off-by: Abhishek Kekane \u003cakekane@redhat.com\u003e\n(cherry picked from commit 351e843083673c99ffb8cb4708c39aef9186d8d2)\n","web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/glance/commit/829d69ad5339986142806dc99a4cef744b2e9f37"}],"resolve_conflicts_web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/glance/commit/829d69ad5339986142806dc99a4cef744b2e9f37"}]},"branch":"refs/heads/stable/2026.1"},"4d7bceb753abe14b1f4853ed1f58b038fa0bbbf7":{"kind":"REWORK","_number":2,"created":"2026-03-19 15:24:31.000000000","uploader":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"ref":"refs/changes/96/981296/2","fetch":{"anonymous http":{"url":"https://review.opendev.org/openstack/glance","ref":"refs/changes/96/981296/2","commands":{"Checkout":"git fetch https://review.opendev.org/openstack/glance refs/changes/96/981296/2 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://review.opendev.org/openstack/glance refs/changes/96/981296/2 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://review.opendev.org/openstack/glance refs/changes/96/981296/2 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://review.opendev.org/openstack/glance refs/changes/96/981296/2"}}},"commit":{"parents":[{"commit":"7e243d5f13cf31ac53538604313355f747daa834","subject":"Update TOX_CONSTRAINTS_FILE for stable/2026.1","web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/glance/commit/7e243d5f13cf31ac53538604313355f747daa834"}]}],"author":{"name":"Abhishek Kekane","email":"akekane@redhat.com","date":"2026-01-20 19:02:08.000000000","tz":0},"committer":{"name":"Abhishek Kekane","email":"akekane@redhat.com","date":"2026-03-19 15:22:56.000000000","tz":0},"subject":"Fix SSRF vulnerabilities in image import API","message":"Fix SSRF vulnerabilities in image import API\n\nFixed Server-Side Request Forgery (SSRF) vulnerabilities in Glance\u0027s image\nimport functionality that could allow attackers to bypass URL validation\nand access internal resources.\n\nThe fix includes:\n- IP address validation using Python\u0027s ipaddress module to reject encoded\n  IP formats (decimal, hexadecimal, octal) that could bypass blacklist checks\n- HTTP redirect validation for web-download, glance-download, and OVF\n  processing to prevent redirect-based SSRF attacks\n- URI validation for OVF processing which previously had no protection\n\nThe implementation uses Python\u0027s built-in ipaddress module which inherently\nrejects all non-standard IP encodings and only accepts standard formats,\nproviding robust protection against IP encoding bypass attacks.\n\nAssisted-by: Used Cursor (Auto) for unit tests.\n\nCloses-Bug: #2138602\nCloses-Bug: #2138672\nCloses-Bug: #2138675\nSecurityImpact\n\nChange-Id: Ib8d337dc68411d18c70d5712cc4f0986ef6205f4\nSigned-off-by: Abhishek Kekane \u003cakekane@redhat.com\u003e\n(cherry picked from commit 351e843083673c99ffb8cb4708c39aef9186d8d2)\n","web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/glance/commit/4d7bceb753abe14b1f4853ed1f58b038fa0bbbf7"}],"resolve_conflicts_web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/glance/commit/4d7bceb753abe14b1f4853ed1f58b038fa0bbbf7"}]},"branch":"refs/heads/stable/2026.1"},"07dd0a203b6883efa66486035c436b92c83da0f3":{"kind":"NO_CODE_CHANGE","_number":3,"created":"2026-03-19 17:15:52.000000000","uploader":{"_account_id":9303,"name":"Abhishek Kekane","email":"akekane@redhat.com","username":"abhishekkekane"},"ref":"refs/changes/96/981296/3","fetch":{"anonymous http":{"url":"https://review.opendev.org/openstack/glance","ref":"refs/changes/96/981296/3","commands":{"Checkout":"git fetch https://review.opendev.org/openstack/glance refs/changes/96/981296/3 \u0026\u0026 git checkout FETCH_HEAD","Cherry Pick":"git fetch https://review.opendev.org/openstack/glance refs/changes/96/981296/3 \u0026\u0026 git cherry-pick FETCH_HEAD","Format Patch":"git fetch https://review.opendev.org/openstack/glance refs/changes/96/981296/3 \u0026\u0026 git format-patch -1 --stdout FETCH_HEAD","Pull":"git pull https://review.opendev.org/openstack/glance refs/changes/96/981296/3"}}},"commit":{"parents":[{"commit":"7e243d5f13cf31ac53538604313355f747daa834","subject":"Update TOX_CONSTRAINTS_FILE for stable/2026.1","web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/glance/commit/7e243d5f13cf31ac53538604313355f747daa834"}]}],"author":{"name":"Abhishek Kekane","email":"akekane@redhat.com","date":"2026-01-20 19:02:08.000000000","tz":0},"committer":{"name":"Abhishek Kekane","email":"akekane@redhat.com","date":"2026-03-19 17:15:52.000000000","tz":0},"subject":"Fix SSRF vulnerabilities in image import API","message":"Fix SSRF vulnerabilities in image import API\n\nFixed Server-Side Request Forgery (SSRF) vulnerabilities in Glance\u0027s image\nimport functionality that could allow attackers to bypass URL validation\nand access internal resources.\n\nThe fix includes:\n- IP address validation using Python\u0027s ipaddress module to reject encoded\n  IP formats (decimal, hexadecimal, octal) that could bypass blacklist checks\n- HTTP redirect validation for web-download, glance-download, and OVF\n  processing to prevent redirect-based SSRF attacks\n- URI validation for OVF processing which previously had no protection\n\nThe implementation uses Python\u0027s built-in ipaddress module which inherently\nrejects all non-standard IP encodings and only accepts standard formats,\nproviding robust protection against IP encoding bypass attacks.\n\nDepends-On: https://review.opendev.org/c/openstack/tempest/+/981329\n\nAssisted-by: Used Cursor (Auto) for unit tests.\n\nCloses-Bug: #2138602\nCloses-Bug: #2138672\nCloses-Bug: #2138675\nSecurityImpact\n\nChange-Id: Ib8d337dc68411d18c70d5712cc4f0986ef6205f4\nSigned-off-by: Abhishek Kekane \u003cakekane@redhat.com\u003e\n(cherry picked from commit 351e843083673c99ffb8cb4708c39aef9186d8d2)\n","web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/glance/commit/07dd0a203b6883efa66486035c436b92c83da0f3"}],"resolve_conflicts_web_links":[{"name":"gitea","tooltip":"Open in GitWeb","url":"https://opendev.org/openstack/glance/commit/07dd0a203b6883efa66486035c436b92c83da0f3"}]},"branch":"refs/heads/stable/2026.1","description":"Edit commit message"}},"requirements":[],"submit_records":[{"rule_name":"gerrit~DefaultSubmitRule","status":"CLOSED","labels":[{"label":"Verified","status":"MAY","applied_by":{"_account_id":22348,"name":"Zuul","username":"zuul","tags":["SERVICE_USER"]}},{"label":"Code-Review","status":"MAY","applied_by":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"}},{"label":"Workflow","status":"MAY","applied_by":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"}},{"label":"Review-Priority","status":"MAY"}]}],"submit_requirements":[{"name":"Verified","description":"Verified in gate by CI","status":"SATISFIED","is_legacy":false,"submittability_expression_result":{"expression":"label:Verified\u003dMAX AND -label:Verified\u003dMIN","fulfilled":true,"status":"PASS","passing_atoms":["label:Verified\u003dMAX"],"failing_atoms":["label:Verified\u003dMIN"],"atom_explanations":{}}},{"name":"Code-Review","description":"Code reviewed by core reviewer","status":"SATISFIED","is_legacy":false,"submittability_expression_result":{"expression":"label:Code-Review\u003dMAX AND -label:Code-Review\u003dMIN","fulfilled":true,"status":"PASS","passing_atoms":["label:Code-Review\u003dMAX"],"failing_atoms":["label:Code-Review\u003dMIN"],"atom_explanations":{}}},{"name":"Review-Priority","description":"Review priority","status":"SATISFIED","is_legacy":false,"submittability_expression_result":{"expression":"-label:Review-Priority\u003dMIN","fulfilled":true,"status":"PASS","passing_atoms":[],"failing_atoms":["label:Review-Priority\u003dMIN"],"atom_explanations":{}}},{"name":"Workflow","description":"Approved for gate by core reviewer","status":"SATISFIED","is_legacy":false,"submittability_expression_result":{"expression":"label:Workflow\u003dMAX AND -label:Workflow\u003dMIN","fulfilled":true,"status":"PASS","passing_atoms":["label:Workflow\u003dMAX"],"failing_atoms":["label:Workflow\u003dMIN"],"atom_explanations":{}}}]}