Hotfix for OSSA-2026-004 CVE-2026-pending

Stefan Hoffmannrequested to merge
feature/glance-cve into devel

https://bugs.launchpad.net/glance/+bug/2138602 Server-Side Request Forgery (SSRF) vulnerabilities in OpenStack Glance image import functionality By use of HTTP redirects, an authenticated user can bypass URL validation checks and redirect to internal services.

Only glance image import functionality is affected. In particular, the 'web-download' and 'glance-download' import methods are subject to this vulnerability, as is the optional (not enabled by default) 'ovf_process' image import plugin.

This bug is fixed in this release by bumping glance image to a fixed ve rsion.

Merge request reports