On Fri Jun 12, 2026 at 12:24 PM CEST, Jérémy Rosen via lists.openembedded.org 
wrote:
> Hello Sudhir
>
> This CVE also affects wrynose and I could not find any submission for
> wrynose
>
> please submit for wrynose and once it is affected ping here
>
> Thanks a lot 
> Jérémy

Hello Sudhir,

Gentle ping for this patch.

Regards,

>
> On Mon Jun 1, 2026 at 8:11 PM CEST, Sudhir Dumbhare via 
> lists.openembedded.org wrote:
>> From: Sudhir Dumbhare <[email protected]>
>>
>> Applies the upstream fix [1] referenced in [2] and addresses the
>> sensitive-header redirect handling issue in proxied low-level urllib3 
>> requests.
>>
>> [1] 
>> https://github.com/urllib3/urllib3/commit/5ec0de499b9166ca71c65ab04f2a7e4eb0d66fcc
>> [2] https://ubuntu.com/security/CVE-2026-44431
>>
>> References:
>> https://nvd.nist.gov/vuln/detail/CVE-2026-44431
>>
>> Signed-off-by: Sudhir Dumbhare <[email protected]>
>> ---
>>  .../python3-urllib3/CVE-2026-44431.patch      | 163 ++++++++++++++++++
>>  .../python/python3-urllib3_2.2.2.bb           |   1 +
>>  2 files changed, 164 insertions(+)
>>  create mode 100644 
>> meta/recipes-devtools/python/python3-urllib3/CVE-2026-44431.patch
>>

-- 
Yoann Congal
Smile ECS

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#240285): 
https://lists.openembedded.org/g/openembedded-core/message/240285
Mute This Topic: https://lists.openembedded.org/mt/119597979/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to