diff --git a/meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch b/meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch
index ee6321361455..2c4b248b97b7 100644
--- a/meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch
+++ b/meta/recipes-core/glib-2.0/files/CVE-2026-58016-1.patch
@@ -13,6 +13,8 @@ Fix the check and add some unit tests for it.
 Spotted by linhlhq as #YWH-PGM9867-204. The fix is mine, and the unit test
 uses example XML strings adapted from their report.
 
+Signed-off-by: Philip Withnall <pwithnall@gnome.org>
+
 Fixes: #3932
 
 CVE: CVE-2026-58016
diff --git a/meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch b/meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch
index a24e54016177..a61e35ad8a7c 100644
--- a/meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch
+++ b/meta/recipes-core/glib-2.0/files/CVE-2026-58016-2.patch
@@ -14,6 +14,8 @@ complicated, and it’s possible that these dereferences of the
 Make failures like that more debuggable by adding an assertion on the
 length beforehand.
 
+Signed-off-by: Philip Withnall <pwithnall@gnome.org>
+
 Helps: #3932
 
 CVE: CVE-2026-58016
