Version in base suite: 30.0.0-3
Version in overlay suite: 30.0.0-3+deb13u1

Base version: glance_30.0.0-3+deb13u1
Target version: glance_30.0.0-3+deb13u2
Base file: /srv/ftp-master.debian.org/ftp/pool/main/g/glance/glance_30.0.0-3+deb13u1.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/g/glance/glance_30.0.0-3+deb13u2.dsc

 changelog                               |    7 +++
 patches/No_DNS_resolution_in_test.patch |   60 ++++++++++++++++++++++++++++++++
 patches/series                          |    1 
 3 files changed, 68 insertions(+)

dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpxbxv7_nj/glance_30.0.0-3+deb13u1.dsc: no acceptable signature found
dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmpxbxv7_nj/glance_30.0.0-3+deb13u2.dsc: no acceptable signature found
diff -Nru glance-30.0.0/debian/changelog glance-30.0.0/debian/changelog
--- glance-30.0.0/debian/changelog	2026-04-05 14:42:49.000000000 +0000
+++ glance-30.0.0/debian/changelog	2026-04-27 06:23:24.000000000 +0000
@@ -1,3 +1,10 @@
+glance (2:30.0.0-3+deb13u2) trixie; urgency=medium
+
+  * Add No_DNS_resolution_in_test.patch, otherwise Glance cannot be build in
+    the buildd.
+
+ -- Thomas Goirand <zigo@debian.org>  Mon, 27 Apr 2026 08:23:24 +0200
+
 glance (2:30.0.0-3+deb13u1) trixie; urgency=medium
 
   * CVE-2026-34881 / OSSA-2026-004:
diff -Nru glance-30.0.0/debian/patches/No_DNS_resolution_in_test.patch glance-30.0.0/debian/patches/No_DNS_resolution_in_test.patch
--- glance-30.0.0/debian/patches/No_DNS_resolution_in_test.patch	1970-01-01 00:00:00.000000000 +0000
+++ glance-30.0.0/debian/patches/No_DNS_resolution_in_test.patch	2026-04-27 06:23:24.000000000 +0000
@@ -0,0 +1,60 @@
+Author: Thomas Goirand <zigo@debian.org>
+Date: Fri, 20 Mar 2026 15:19:24 +0100
+Description: No DNS resolution in test
+ This avoids DNS resolution during unit tests:
+ test_utils.ImportURITestCase.test_ignored_filtering_options
+ and
+ test_utils.ImportURITestCase.test_validate_import_uri
+ .
+ which are failing in downstream distributions that do not have
+ Internet access when running tests.
+Signed-off-by: Thomas Goirand <zigo@debian.org>
+Change-Id: I99103c7846c05df38f8477357f7f7693b28fe8c7
+Forwarded: https://review.opendev.org/c/openstack/glance/+/981520
+Last-Update: 2026-03-20
+
+Index: glance/glance/tests/unit/common/test_utils.py
+===================================================================
+--- glance.orig/glance/tests/unit/common/test_utils.py
++++ glance/glance/tests/unit/common/test_utils.py
+@@ -955,7 +955,14 @@ class EvaluateFilterOpTestCase(test_util
+ 
+ class ImportURITestCase(test_utils.BaseTestCase):
+ 
+-    def test_validate_import_uri(self):
++    @mock.patch("eventlet.green.socket.getaddrinfo")
++    def test_validate_import_uri(self, mock_getaddrinfo):
++        # This avoid internet access in validate_import_uri()
++        # (ie: DNS resolution of foo.com)
++        mock_getaddrinfo.return_value = [
++            (None, None, None, None, ("127.0.0.1", 80))
++        ]
++
+         self.assertTrue(utils.validate_import_uri("http://foo.com"))
+ 
+         self.config(allowed_schemes=['http'],
+@@ -968,6 +975,8 @@ class ImportURITestCase(test_utils.BaseT
+                     group='import_filtering_opts')
+         self.assertTrue(utils.validate_import_uri("http://example.com:8080"))
+ 
++    # No need to mock eventlet.green.socket.getaddrinfo here,
++    # because this test checks that example and foo.com are blacklisted.
+     def test_invalid_import_uri(self):
+         self.assertFalse(utils.validate_import_uri(""))
+ 
+@@ -984,7 +993,14 @@ class ImportURITestCase(test_utils.BaseT
+                     group='import_filtering_opts')
+         self.assertFalse(utils.validate_import_uri("http://localhost:8484"))
+ 
+-    def test_ignored_filtering_options(self):
++    @mock.patch("eventlet.green.socket.getaddrinfo")
++    def test_ignored_filtering_options(self, mock_getaddrinfo):
++        # This avoid internet access in validate_import_uri()
++        # (ie: DNS resolution of foo.com)
++        mock_getaddrinfo.return_value = [
++            (None, None, None, None, ("127.0.0.1", 80))
++        ]
++
+         LOG = logging.getLogger('glance.common.utils')
+         with mock.patch.object(LOG, 'debug') as mock_run:
+             self.config(allowed_schemes=['https', 'ftp'],
diff -Nru glance-30.0.0/debian/patches/series glance-30.0.0/debian/patches/series
--- glance-30.0.0/debian/patches/series	2026-04-05 14:42:49.000000000 +0000
+++ glance-30.0.0/debian/patches/series	2026-04-27 06:23:24.000000000 +0000
@@ -1,3 +1,4 @@
 sql_conn-registry.patch
 missing-files.patch
 CVE-2026-34881_OSSA-2026-004_Fix_SSRF_vulnerabilities_in_image_import_API.patch
+No_DNS_resolution_in_test.patch