Package "mistral-event-engine"

  mistral (22.0.0-0ubuntu1.1) resolute-security; urgency=high

  [ Myles Penner ]
  * d/gbp.conf: Create stable/2026.1 branch.

  [ Hemanth Nakkina ]
  * SECURITY UPDATE: unauthorized resource publication via overly permissive
    publicize policies in workflows, actions, event triggers, code sources,
    dynamic actions, workbooks, cron triggers, and environments.
    - d/p/cve-2026-41283-restrict-publicize-policies-admin-only.patch:
      restrict publicize policies to admin_only for workflows, actions and
      event triggers; add missing enforcement on event trigger update.
    - d/p/cve-2026-41283-remove-expect-errors-policy-tests.patch:
      clean up unnecessary expect_errors=True in policy tests.
    - d/p/cve-2026-41283-add-code-sources-publicize-policy.patch:
      add code_sources:publicize policy (admin_only) and enforce on
      create/update.
    - d/p/cve-2026-41283-restrict-code-sources-dynamic-actions.patch:
      restrict code_sources and dynamic_actions operations to admin_only.
    - d/p/cve-2026-41283-add-dynamic-actions-publicize-policy.patch:
      add dynamic_actions:publicize policy (admin_only) and enforce on
      create/update.
    - d/p/cve-2026-41283-add-workbooks-publicize-policy.patch:
      add workbooks:publicize policy (admin_only) and enforce on
      create/update.
    - d/p/cve-2026-41283-add-cron-triggers-publicize-policy.patch:
      add cron_triggers:publicize policy (admin_only) and enforce on create.
    - d/p/cve-2026-41283-add-environments-publicize-policy.patch:
      add environments:publicize policy (admin_only) and enforce on
      create/update.
    - CVE-2026-41283

 -- Hemanth Nakkina <email address hidden> Sun, 01 Jun 2026 06:00:00 +0000