On Mon, Jan 19, 2026 at 4:01 PM Anuj Mittal <[email protected]> wrote: > > On Wed, Jan 14, 2026 at 9:01 PM Ankur Tyagi via lists.openembedded.org > <[email protected]> wrote: > > > > From: Ankur Tyagi <[email protected]> > > > > Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53643 > > > > Signed-off-by: Ankur Tyagi <[email protected]> > > --- > > .../python3-aiohttp/CVE-2025-53643.patch | 189 ++++++++++++++++++ > > .../python/python3-aiohttp_3.9.5.bb | 4 +- > > 2 files changed, 192 insertions(+), 1 deletion(-) > > create mode 100644 > > meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-53643.patch > > > > diff --git > > a/meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-53643.patch > > b/meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-53643.patch > > new file mode 100644 > > index 0000000000..99ed1ca395 > > --- /dev/null > > +++ > > b/meta-python/recipes-devtools/python/python3-aiohttp/CVE-2025-53643.patch > > @@ -0,0 +1,189 @@ > > +From 2b45c0cc5f94a4aab25e80580db73c5da1152030 Mon Sep 17 00:00:00 2001 > > +From: Sam Bull <[email protected]> > > +Date: Wed, 9 Jul 2025 19:55:22 +0100 > > +Subject: [PATCH] Add trailer parsing logic (#11269) (#11287) > > + > > +CVE: CVE-2025-53643 > > +Upstream-Status: Backport > > [https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a] > > Please also include the changes done to the original change .. in this > case, dropped test and changelog .. >
Thanks for the review, I will send v2 accordingly. > Thanks, > > Anuj
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123589): https://lists.openembedded.org/g/openembedded-devel/message/123589 Mute This Topic: https://lists.openembedded.org/mt/117260214/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
