On Fri Jun 12, 2026 at 12:24 PM CEST, Jérémy Rosen via lists.openembedded.org wrote: > Hello Sudhir > > This CVE also affects wrynose and I could not find any submission for > wrynose > > please submit for wrynose and once it is affected ping here > > Thanks a lot > Jérémy
Hello Sudhir, Gentle ping for this patch. Regards, > > On Mon Jun 1, 2026 at 8:11 PM CEST, Sudhir Dumbhare via > lists.openembedded.org wrote: >> From: Sudhir Dumbhare <[email protected]> >> >> Applies the upstream fix [1] referenced in [2] and addresses the >> sensitive-header redirect handling issue in proxied low-level urllib3 >> requests. >> >> [1] >> https://github.com/urllib3/urllib3/commit/5ec0de499b9166ca71c65ab04f2a7e4eb0d66fcc >> [2] https://ubuntu.com/security/CVE-2026-44431 >> >> References: >> https://nvd.nist.gov/vuln/detail/CVE-2026-44431 >> >> Signed-off-by: Sudhir Dumbhare <[email protected]> >> --- >> .../python3-urllib3/CVE-2026-44431.patch | 163 ++++++++++++++++++ >> .../python/python3-urllib3_2.2.2.bb | 1 + >> 2 files changed, 164 insertions(+) >> create mode 100644 >> meta/recipes-devtools/python/python3-urllib3/CVE-2026-44431.patch >> -- Yoann Congal Smile ECS
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#240285): https://lists.openembedded.org/g/openembedded-core/message/240285 Mute This Topic: https://lists.openembedded.org/mt/119597979/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
