On 1/12/26 10:09, Anuj Mittal via lists.openembedded.org wrote: > On Mon, Jan 12, 2026 at 1:06 PM Haixiao Yan > <[email protected]> wrote: >> >> On 2026/1/12 11:10, Anuj Mittal wrote: >>> CAUTION: This email comes from a non Wind River email account! >>> Do not click links or open attachments unless you recognize the sender and >>> know the content is safe. >>> >>> On Sat, Jan 10, 2026 at 6:01 PM Yan, Haixiao (CN) via >>> lists.openembedded.org >>> <[email protected]> wrote: >>>> From: Haixiao Yan <[email protected]> >>>> >>>> - Fix: >>>> NameError: name '_lazy_re_compile' is not defined >>>> introduced by CVE-2024-27351.patch and CVE-2025-32873.patch >>>> - Revert the modification for docs/releases/2.2.28.txt >>>> >>>> Signed-off-by: Haixiao Yan <[email protected]> >>>> --- >>>> v2: Fix a typo in the title >>>> >>>> .../python3-django/CVE-2024-27351.patch | 35 ++++------------ >>>> .../python3-django/CVE-2024-39329.patch | 27 +++--------- >>>> .../python3-django/CVE-2024-39330.patch | 40 +++++------------- >>>> .../python3-django/CVE-2024-56374.patch | 42 +++++-------------- >>>> .../python3-django/CVE-2025-26699.patch | 37 +++++----------- >>>> .../python3-django/CVE-2025-32873.patch | 33 ++++----------- >>>> .../python3-django/CVE-2025-57833.patch | 33 ++++----------- >>> It's hard to look at a patch patching a patch file .. Why are the >>> other patch files being changed which didn't have this problem? >> For CVE-related fixes, I don't think updating the release notes is >> necessary, as no version upgrade is involved. > Is this fixing any issue? > >> For fixing the issue '_lazy_re_compile' is not defined, do you suggest >> leaving the original patch untouched and creating a separate patch instead? >> > Yes, I think it'd be better to separate these two issues. >
Personally I have no big problems with this patch - but if you'd prefer to update it, do you think it could be sorted on top of this, instead of a v2? If you really need to do a v2, that's fine also, but then I will drop this one from the currently prepared PR.
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123373): https://lists.openembedded.org/g/openembedded-devel/message/123373 Mute This Topic: https://lists.openembedded.org/mt/117189246/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
