Comment 362 for bug 2059809

James Page (james-page) wrote :

This bug was fixed in the package cinder - 2:22.1.1-0ubuntu1.3~cloud0
---------------

 cinder (2:22.1.1-0ubuntu1.3~cloud0) jammy; urgency=medium
 .
   * SECURITY UPDATE: Arbitrary file access via custom QCOW2 external data
     (LP: #2059809)
     - debian/patches/CVE-2024-32498.patch: check for external qcow2 data
       file in cinder/image/image_utils.py,
       cinder/tests/unit/test_image_utils.py.
     - debian/control: added qemu-utils to Build-Depends so qemu-img is
       available for new tests.
     - CVE-2024-32498