Register | Log in

vitrage

Choose email to subscribe with

general

source: vitrage (main)
version: 15.0.1-2
maintainer: Debian OpenStack (DMD)
uploaders: Thomas Goirand [DMD] – Michal Arbet [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 7.3.0-2
oldstable: 9.0.0-3.1
stable: 14.0.0-4
testing: 15.0.1-2

versioned links

7.3.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
9.0.0-3.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
14.0.0-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
15.0.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python3-vitrage
vitrage-api
vitrage-collector
vitrage-common
vitrage-doc
vitrage-graph
vitrage-ml
vitrage-notifier
vitrage-persistor
vitrage-snmp-parsing

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2026-28370: In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and further compromise of the Vitrage service. All deployments exposing the Vitrage API are affected. This occurs in _create_query_function in vitrage/graph/query.py.

Created: 2026-02-27 Last update: 2026-04-20 17:01

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2026-28370: In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and further compromise of the Vitrage service. All deployments exposing the Vitrage API are affected. This occurs in _create_query_function in vitrage/graph/query.py.

Created: 2026-02-27 Last update: 2026-04-20 17:01

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2026-28370: In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and further compromise of the Vitrage service. All deployments exposing the Vitrage API are affected. This occurs in _create_query_function in vitrage/graph/query.py.

Created: 2026-02-27 Last update: 2026-04-20 17:01

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2026-04-07 Last update: 2026-04-20 20:31

news

[2026-04-20] Removed 15.0.1-2 from unstable (Debian FTP Masters)
[2025-12-11] vitrage 15.0.1-2 MIGRATED to testing (Debian testing watch)
[2025-12-07] Accepted vitrage 15.0.1-2 (source) into unstable (Thomas Goirand)
[2025-11-20] vitrage 15.0.1-1 MIGRATED to testing (Debian testing watch)
[2025-10-20] Accepted vitrage 15.0.1-1 (source) into unstable (Thomas Goirand)
[2025-10-01] Accepted vitrage 15.0.0-1 (source) into unstable (Thomas Goirand)
[2025-09-30] Accepted vitrage 15.0.0~rc1-2 (source) into unstable (Thomas Goirand)
[2025-09-16] Accepted vitrage 15.0.0~rc1-1 (source) into experimental (Thomas Goirand)
[2025-07-23] vitrage 14.0.0-4 MIGRATED to testing (Debian testing watch)
[2025-07-11] Accepted vitrage 14.0.0-4 (source) into unstable (Thomas Goirand)
[2025-04-12] vitrage 14.0.0-3 MIGRATED to testing (Debian testing watch)
[2025-04-10] Accepted vitrage 14.0.0-3 (source) into unstable (Thomas Goirand)
[2025-04-10] Accepted vitrage 14.0.0-2 (source) into unstable (Thomas Goirand)
[2025-04-02] Accepted vitrage 14.0.0-1 (source) into unstable (Thomas Goirand)
[2025-03-28] Accepted vitrage 14.0.0~rc1-2 (source) into unstable (Thomas Goirand)
[2025-03-25] Accepted vitrage 14.0.0~rc1-1 (source) into experimental (Thomas Goirand)
[2025-03-25] Accepted vitrage 13.0.0-6 (source) into unstable (Thomas Goirand)
[2024-12-27] Accepted vitrage 13.0.0-5 (source) into unstable (Thomas Goirand)
[2024-12-21] Accepted vitrage 13.0.0-4 (source) into unstable (Thomas Goirand)
[2024-12-20] Accepted vitrage 13.0.0-3 (source) into unstable (Thomas Goirand)
[2024-12-18] Accepted vitrage 13.0.0-2 (source) into unstable (Thomas Goirand)
[2024-10-02] Accepted vitrage 13.0.0-1 (source) into unstable (Thomas Goirand)
[2024-09-20] Accepted vitrage 13.0.0~rc1-2 (source) into unstable (Thomas Goirand)
[2024-09-17] Accepted vitrage 13.0.0~rc1-1 (source) into experimental (Thomas Goirand)
[2024-04-08] Accepted vitrage 12.0.0-1 (source) into unstable (Thomas Goirand)
[2024-03-18] Accepted vitrage 12.0.0~rc1-2 (source) into experimental (Thomas Goirand)
[2024-03-17] Accepted vitrage 12.0.0~rc1-1 (source) into experimental (Thomas Goirand)
[2024-01-11] vitrage REMOVED from testing (Debian testing watch)
[2023-12-12] Accepted vitrage 11.0.0-2 (source) into unstable (Thomas Goirand)
[2023-10-08] vitrage 11.0.0-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 0

links

homepage
buildd: logs, reproducibility
popcon
browse source code
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 15.0.0+git20250930.3.5b57e2b3-0ubuntu1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing