From c84d63988100dce8a749fd964a4344cddcf937a5 Mon Sep 17 00:00:00 2001 From: Kurt Garloff Date: Mon, 1 Jun 2026 18:37:15 +0200 Subject: [PATCH] Fix link to yaook security advisory. Thanks, @horazont! Signed-off-by: Kurt Garloff --- blog/2026-05-28-keystone.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/blog/2026-05-28-keystone.md b/blog/2026-05-28-keystone.md index befa0a4cad..2283f41e71 100644 --- a/blog/2026-05-28-keystone.md +++ b/blog/2026-05-28-keystone.md @@ -28,7 +28,7 @@ The core issues are: - **Cross-Project EC2 Credentials (CVE-2026-43001):** Application credentials scoped to one project could be used to create EC2-style credentials for a -different project, enabling lateral movement across tenant boundaries. + different project, enabling lateral movement across tenant boundaries. - **Federated Token Rescoping (CVE-2026-44394):** In SAML2/OIDC deployments, federated users can maintain access indefinitely by repeatedly rescoping @@ -74,7 +74,7 @@ functionality for services like Heat or image uploads. The SCS ecosystem software providers are providing fixed Keystone images: - [OSISM](https://osism.tech/docs/appendix/security/ossa-2026-015) -- [yaook](https://yaook.cloud/security-advisories-cve-2026-33551) +- [yaook](https://yaook.cloud/security-advisories-cve-2026-42998-43001-44394/) ## Outlook
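Review bot: In the hunk at @@ -28,7 +28,7 @@, the only change is leading whitespace on the "different project, enabling lateral movement across tenant boundaries." line, which the subject "Fix link to yaook security advisory" does not mention. Either add a line to the commit message saying the list continuation indentation is fixed as well, or move it to its own commit so the link fix stays a one-line change. If the goal is to keep that line inside the CVE-2026-43001 bullet, check that its indentation matches the continuation lines of the neighbouring bullets.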
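Review bot: In the hunk at @@ -74,7 +74,7 @@, the replacement yaook URL ends in a trailing slash while the OSISM link directly above it does not, and its slug names CVE-2026-42998 in addition to the CVE-2026-43001 and CVE-2026-44394 visible in this diff's context. Please confirm that the URL resolves as written and that the advisory covers the same set of CVEs the post lists. The previous slug (cve-2026-33551) carried an identifier that appears nowhere else in these lines, so a link check over blog/ in CI would catch this kind of mismatch before publication.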