Debian Patches

Status for ironic/1:29.0.0-7

Patch Description Author Forwarded Bugs Origin Last update
do-not-print.patch Do not print Without this patch, we're getting:
.
File "/<<PKGBUILDDIR>>/ironic/tests/unit/api/base.py", line 115, in _request_json
print(method.upper(), full_path, "WITH", params, "GOT", str(response))
BlockingIOError: [Errno 11] write could not complete without blocking
.
about 60 times (not always the same number of times...).

===================================================================		 Thomas Goirand <zigo@debian.org> not-needed 2023-10-05
CVE-2025-44021_OSSA-2025-001_Disallow+unsafe_image_file_paths.patch CVE-2025-44021 / OSSA-2025-001: Disallow unsafe image file:// paths Before this change, Ironic did not filter file:// paths when used as an
image source except to ensure they were a file (and not, e.g. a
character device). This is problematic from a security perspective
because you could end up with config files from well-known paths being
written to disk on a node.
.
The allowlist default list is huge, but it includes all known usages of
file:// URLs across Bifrost, Ironic, Metal3, and OpenShift in both CI
and default configuration.
.
For the backportable version of this patch for stable branches, we have
omitted the unconditional block of system paths in order to permit
operators using those branches to fully disable the new security
functionality.

diff --git a/doc/source/install/standalone/enrollment.rst b/doc/source/install/standalone/enrollment.rst
index 4fd9ebb..78e5d2f 100644		 Jay Faulkner <jay@jvf.cc> yes debian upstream 2025-04-21
adds-alembic.ini-in-MANIFEST.in.patch Fixes MANIFEST.in so that alembic.ini is packaged Thomas Goirand <zigo@debian.org> no 2016-03-22
fix-initial_grub_cfg.template.patch Fix initial_grub_cfg.template The default grub.cfg happen /srv/tftp, but tftp-hpa is, in Debian,
already doing a chroot in there.		 Thomas Goirand <zigo@debian.org> no 2024-09-16

All known versions for source package 'ironic'

Links