)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":5314,"name":"Brian Rosmaita","email":"rosmaita.fossdev@gmail.com","username":"brian-rosmaita"},"change_message_id":"43bb9af61f8e5b8ae7f81e239effce02ddad2350","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"12af210f_0da63ae8","updated":"2026-03-20 21:00:23.000000000","message":"I\u0027ll hit those whitespace nits when I add the errata to update the CVE number.","commit_id":"ae375b1fef86bf143cdd0a0285d43764373b3320"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"ae0dba69571a6f878b7a5a1295ade27526c6f193","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"771101e8_1a368cd3","updated":"2026-03-19 15:13:16.000000000","message":"Thank you Brian!","commit_id":"ae375b1fef86bf143cdd0a0285d43764373b3320"}],"ossa/OSSA-2026-004.yaml":[{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"ae0dba69571a6f878b7a5a1295ade27526c6f193","unresolved":true,"context_lines":[{"line_number":4,"context_line":""},{"line_number":5,"context_line":"title: Server-Side Request Forgery (SSRF) vulnerabilities in OpenStack Glance image import functionality"},{"line_number":6,"context_line":""},{"line_number":7,"context_line":"description: |+"},{"line_number":8,"context_line":"  Hyeongeun_Ji of Open the Window and Abhishek Kekane of Red Hat"},{"line_number":9,"context_line":"  reported multiple Server-Side Request Forgery (SSRF)"},{"line_number":10,"context_line":"  vulnerabilities in Glance image import. By use of HTTP redirects,"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"51e7d346_c9f5bc7d","line":7,"range":{"start_line":7,"start_character":13,"end_line":7,"end_character":15},"updated":"2026-03-19 15:13:16.000000000","message":"Think we prefer \"\u003e\" in earlier reports?","commit_id":"ae375b1fef86bf143cdd0a0285d43764373b3320"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"27f675258544ee70005823acac62b9abf0f41c16","unresolved":false,"context_lines":[{"line_number":4,"context_line":""},{"line_number":5,"context_line":"title: Server-Side Request Forgery (SSRF) vulnerabilities in OpenStack Glance image import functionality"},{"line_number":6,"context_line":""},{"line_number":7,"context_line":"description: |+"},{"line_number":8,"context_line":"  Hyeongeun_Ji of Open the Window and Abhishek Kekane of Red Hat"},{"line_number":9,"context_line":"  reported multiple Server-Side Request Forgery (SSRF)"},{"line_number":10,"context_line":"  vulnerabilities in Glance image import. By use of HTTP redirects,"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"22bae9df_f6b6159f","line":7,"range":{"start_line":7,"start_character":13,"end_line":7,"end_character":15},"in_reply_to":"51e7d346_c9f5bc7d","updated":"2026-03-19 15:20:41.000000000","message":"For flowed text like we normally use, yes. In this case it\u0027s preformatted text because of the embedded RST. It\u0027s not typical of our advisories to have more than a 3 or 4 sentence paragraph as the impact description, but since this one includes internal formatting it needs to be in a preformatted text field.","commit_id":"ae375b1fef86bf143cdd0a0285d43764373b3320"},{"author":{"_account_id":16643,"name":"Goutham Pacha Ravi","email":"gouthampravi@gmail.com","username":"gouthamr"},"change_message_id":"c13530cd66ea7514adb28b5e50a3bf9b82d09ebb","unresolved":false,"context_lines":[{"line_number":4,"context_line":""},{"line_number":5,"context_line":"title: Server-Side Request Forgery (SSRF) vulnerabilities in OpenStack Glance image import functionality"},{"line_number":6,"context_line":""},{"line_number":7,"context_line":"description: |+"},{"line_number":8,"context_line":"  Hyeongeun_Ji of Open the Window and Abhishek Kekane of Red Hat"},{"line_number":9,"context_line":"  reported multiple Server-Side Request Forgery (SSRF)"},{"line_number":10,"context_line":"  vulnerabilities in Glance image import. By use of HTTP redirects,"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"d7b187e9_3205e905","line":7,"range":{"start_line":7,"start_character":13,"end_line":7,"end_character":15},"in_reply_to":"51e7d346_c9f5bc7d","updated":"2026-03-19 15:25:54.000000000","message":"oh i see the sections here warrant it. nvm","commit_id":"ae375b1fef86bf143cdd0a0285d43764373b3320"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"db7c0fabd170eaf2e62dcc56334179f8767ce589","unresolved":false,"context_lines":[{"line_number":119,"context_line":""},{"line_number":120,"context_line":"  2023.1/antelope:"},{"line_number":121,"context_line":"    - https://review.opendev.org/981300"},{"line_number":122,"context_line":"    "},{"line_number":123,"context_line":"notes:"},{"line_number":124,"context_line":"  - A CVE request was filed with MITRE on 2026-02-16."},{"line_number":125,"context_line":"  - Prereleases of OpenStack software are not official production"}],"source_content_type":"text/x-yaml","patch_set":1,"id":"42f65416_cfe1300f","line":122,"updated":"2026-03-19 14:59:02.000000000","message":"Nit: stray trailing whitespace (I wouldn\u0027t clean it up unless linting fails, otherwise you can get it when you do the errata 1 revision for the CVE assignment)","commit_id":"ae375b1fef86bf143cdd0a0285d43764373b3320"},{"author":{"_account_id":5263,"name":"Jeremy Stanley","display_name":"fungi","email":"fungi@yuggoth.org","username":"fungi","status":"missing, presumed fed"},"change_message_id":"db7c0fabd170eaf2e62dcc56334179f8767ce589","unresolved":false,"context_lines":[{"line_number":130,"context_line":"    no new point releases, but a patch for it is provided as a"},{"line_number":131,"context_line":"    courtesy."},{"line_number":132,"context_line":""},{"line_number":133,"context_line":"  "}],"source_content_type":"text/x-yaml","patch_set":1,"id":"fdcf97e1_4fd2e8cc","line":133,"updated":"2026-03-19 14:59:02.000000000","message":"Nit: more trailing whitespace and unnecessary blank lines","commit_id":"ae375b1fef86bf143cdd0a0285d43764373b3320"}]}