-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 25 May 2026 17:20:47 +0200
Source: mistral
Architecture: source
Version: 15.0.0-1+deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: Debian OpenStack <team+openstack@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 1138843
Changes:
 mistral (15.0.0-1+deb12u1) bookworm-security; urgency=medium
 .
   * CVE-2026-41283: Mistral policy enforcement bypass allows unauthorized
     public resource creation and arbitrary code execution. Applied upstream
     patches:
     - Restrict publicize policies to admin only
     - Remove unnecessary expect_errors=True from policy tests
     - Add code_sources publicize policy and enforcement
     - Restrict code_sources and dynamic_actions policies to
     - Add dynamic_actions publicize policy and enforcement
     - Add workbooks publicize policy and enforcement
     - Add cron_triggers publicize policy and enforcement
     - Add environments publicize policy and enforcement
    (Closes: #1138843)
Checksums-Sha1:
 9a1a3500d435d21b3cd9612cf64e9df3b0a10a2c 3571 mistral_15.0.0-1+deb12u1.dsc
 2e574a10bed1eba6811f0d531aa5d47380d1332c 1005320 mistral_15.0.0.orig.tar.xz
 4f1f46f2c93c946ec3201c6e84b15d946802adbc 17592 mistral_15.0.0-1+deb12u1.debian.tar.xz
 1ad8a8afeeb22db6be8d052bc43911b01798e927 17572 mistral_15.0.0-1+deb12u1_amd64.buildinfo
Checksums-Sha256:
 ead362e407b079b18bb723c9bccff0c5300e9f9ae38549170750e7335dbee8de 3571 mistral_15.0.0-1+deb12u1.dsc
 5d684a6b5cc59c5e399e0998f2f4433e1994ebd313d38b94284c50940a1a15b1 1005320 mistral_15.0.0.orig.tar.xz
 89799529e9aa45b772b09c5bb0e6729f42e0471f21d604b391bef727acf988c5 17592 mistral_15.0.0-1+deb12u1.debian.tar.xz
 2cbf6f1f4cae1ba445b55d4df50c2d3ee5e2f1e245f795864810dae880449dc1 17572 mistral_15.0.0-1+deb12u1_amd64.buildinfo
Files:
 7b4b207b807e8a855022efeb4cde603b 3571 net optional mistral_15.0.0-1+deb12u1.dsc
 7bba444c9137f3b4f7c11cf4f7cdadc8 1005320 net optional mistral_15.0.0.orig.tar.xz
 7fbd9c1cf39ded395a334db8ddb4c753 17592 net optional mistral_15.0.0-1+deb12u1.debian.tar.xz
 afa53967b36cd0ab836e73a436eaf542 17572 net optional mistral_15.0.0-1+deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAmonSjEACgkQ1BatFaxr
Q/7Ufg/9HkLvF/KZAEBMutBDR3tDfPQzO5/RPJdbsBk3RpIlVmBx3IKeHxQ3p6/P
9KffaevalOKoKFkxxF2XV/MKzggahk9pXcLXbLXIU1K7JVfDBTRB5fsGWqpDPZ51
yq/by5Ein9PiRit0MYXYT5CABXZA72RUctYJK9TTcmXjfq5LkqkYtrzPGt7mTGwT
R3jfU+02YU3Gvb0n5nsUBIlm6XncJJ/ZpqObjpZJK0MBKGsLyHPcsv6slOQ1S5G4
R2qG403CE0V3jG8FD+HOoI7u/X0TuGoCusM4MGPMbBDhEGgpExnxD2kL7ezZ6DRc
kTNbcE1YpRai4Ry2a9jNwWEgOvDrG5CxSAO1JOHGdVPuPbGUkKvmJPHzpt1d40sv
AwALGPm8Xg4QJozpw9kLd7WOO4wjrOkG1ofGqzVdKSxVVpRmKdAd91sUOUya7N8T
t4FkEasma5vFzrCnI3YPx5rTqO6wj5MjhdZ9fGOwk5qlaj56l76oIQQvEBo6Bbpp
wFF/s4rMt1e1GKOYjfqRUxtEnDVcF4vSaboPL8x2BpqiLg8LncWSbYrNX2F62sqf
s6VMdLdDOQZm4cjQvc0lsov/imLin7S0xi/qc0Unt4771ZeVh/Trt63dKA3RRKLh
qpQkCZ4WEQsyGSUphJVlDplIgCZKrKwXUfsUE5+6PTqsWxk7nro=
=rMkh
-----END PGP SIGNATURE-----