| Message ID | 20260710-fix-cves-python-master-fix-v1-1-653636ec864b@bootlin.com |
|---|---|
| State | Accepted, archived |
| Commit | b470a748002e6c5a4dcd4cd6022d01427d31639d |
| Headers | show |
| Series | python3: add back Co-authored-by in CVE-2026-11972 patch | expand |
On Fri Jul 10, 2026 at 9:48 AM CEST, Benjamin Robin (Schneider Electric) wrote: > It had been deleted by mistake due to a lack of knowledge regarding how > to handle it. > > Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> Thanks Benjamin, I really appreciate the follow-up :)
diff --git a/meta/recipes-devtools/python/python3/CVE-2026-11972.patch b/meta/recipes-devtools/python/python3/CVE-2026-11972.patch index 7dc9c6697112..12a79754febd 100644 --- a/meta/recipes-devtools/python/python3/CVE-2026-11972.patch +++ b/meta/recipes-devtools/python/python3/CVE-2026-11972.patch @@ -4,6 +4,8 @@ Date: Tue, 23 Jun 2026 15:13:30 +0200 Subject: [PATCH 2/2] gh-151981: Make tarfile._Stream.seek break at EOF (GH-151982) +Co-authored-by: Stan Ulbrych <stan@python.org> + CVE: CVE-2026-11972 Upstream-Status: Backport [https://github.com/python/cpython/commit/f50bf13566189c8d0ce5a814f33eff3d89951896]
It had been deleted by mistake due to a lack of knowledge regarding how to handle it. Signed-off-by: Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com> --- meta/recipes-devtools/python/python3/CVE-2026-11972.patch | 2 ++ 1 file changed, 2 insertions(+) --- base-commit: 5a5f2ec43cbb9096f1fc52ba4c2a4f94526f103d change-id: 20260710-fix-cves-python-master-fix-13a1439fb7d5 Best regards, -- Benjamin Robin (Schneider Electric) <benjamin.robin@bootlin.com>