diff mbox series

[meta-python,scarthgap,v2] python3-twisted: patch CVE-2024-41810

Message ID 20260125012402.489953-1-ankur.tyagi85@gmail.com
State New
Headers show
Series [meta-python,scarthgap,v2] python3-twisted: patch CVE-2024-41810 | expand

Commit Message

Ankur Tyagi Jan. 25, 2026, 1:24 a.m. UTC 
From: Ankur Tyagi <ankur.tyagi85@gmail.com>

Though nvd[1] mentions commit[2] as part of the fix for CVE-2024-41671, but
it is actually a fix[3] for CVE-2024-41810.

Rename patch files accordingly.

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-41671
[2] https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33
[3] https://nvd.nist.gov/vuln/detail/CVE-2024-41810

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 .../{CVE-2024-41671-0002.patch => CVE-2024-41671.patch}     | 4 ++++
 .../{CVE-2024-41671-0001.patch => CVE-2024-41810.patch}     | 6 +++++-
 .../recipes-devtools/python/python3-twisted_24.3.0.bb       | 4 ++--
 3 files changed, 11 insertions(+), 3 deletions(-)
 rename meta-python/recipes-devtools/python/python3-twisted/{CVE-2024-41671-0002.patch => CVE-2024-41671.patch} (98%)
 rename meta-python/recipes-devtools/python/python3-twisted/{CVE-2024-41671-0001.patch => CVE-2024-41810.patch} (95%)
diff mbox series

Patch

diff --git a/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0002.patch b/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671.patch
similarity index 98%
rename from meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0002.patch
rename to meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671.patch
index 147c21d73d..5c0d7b6a77 100644
--- a/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0002.patch
+++ b/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671.patch
@@ -10,6 +10,10 @@  CVE: CVE-2024-41671
 Upstream-Status: Backport [https://github.com/twisted/twisted/commit/4a930de12fb67e88fefcb8822104152f42b27abc]
 
 Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+
+Dropped newsfragements change from  the original commit.
+
+Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
 ---
  src/twisted/web/http.py           |  21 +++--
  src/twisted/web/test/test_http.py | 122 ++++++++++++++++++++++++++----
diff --git a/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0001.patch b/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41810.patch
similarity index 95%
rename from meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0001.patch
rename to meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41810.patch
index 1f6bf6bbfc..e41d9667f0 100644
--- a/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0001.patch
+++ b/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41810.patch
@@ -5,11 +5,15 @@  Subject: [PATCH] Merge commit from fork
 
 Added HTML output encoding the "URL" parameter of the "redirectTo" function
 
-CVE: CVE-2024-41671
+CVE: CVE-2024-41810
 
 Upstream-Status: Backport [https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33]
 
 Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
+
+Dropped newsfragements change from  the original commit.
+
+Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
 ---
  src/twisted/web/_template_util.py |  2 +-
  src/twisted/web/test/test_util.py | 39 ++++++++++++++++++++++++++++++-
diff --git a/meta-python/recipes-devtools/python/python3-twisted_24.3.0.bb b/meta-python/recipes-devtools/python/python3-twisted_24.3.0.bb
index 272aecb8b0..691b80ac68 100644
--- a/meta-python/recipes-devtools/python/python3-twisted_24.3.0.bb
+++ b/meta-python/recipes-devtools/python/python3-twisted_24.3.0.bb
@@ -7,8 +7,8 @@  LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=c1c5d2c2493b848f83864bdedd67bbf5"
 
 SRC_URI += " \
-    file://CVE-2024-41671-0001.patch \
-    file://CVE-2024-41671-0002.patch \
+    file://CVE-2024-41671.patch \
+    file://CVE-2024-41810.patch \
 "
 
 SRC_URI[sha256sum] = "6b38b6ece7296b5e122c9eb17da2eeab3d98a198f50ca9efd00fb03e5b4fd4ae"