[Bug 2138420] Re: backport of CVE-2026-21441 results in broken package

Launchpad Bug Tracker Mon, 19 Jan 2026 04:00:54 -0800

This bug was fixed in the package python-urllib3 -
1.26.5-1~exp1ubuntu0.6

---------------
python-urllib3 (1.26.5-1~exp1ubuntu0.6) jammy-security; urgency=medium


  * SECURITY REGRESSION: Missing _has_decoded_content from CVE-2026-21441
    (LP: #2138420)
    - debian/patches/CVE-2026-21441-fix1.patch: Implement _has_decoded_content
      and decoded checks in src/urllib3/response.py. Add tests in
      test/test_response.py.

 -- Hlib Korzhynskyy <[email protected]>  Fri, 16 Jan 2026
19:39:26 -0330

** Changed in: python-urllib3 (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2138420

Title:
  backport of CVE-2026-21441 results in broken package

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-urllib3/+bug/2138420/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2138420] Re: backport of CVE-2026-21441 results in broken package

Reply via email to