Add CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch

Reject control characters in http cookies (bsc#1257031, CVE-2026-0672).

python313.changes

@@ -7,6 +7,9 @@ Tue Jan 27 16:31:12 UTC 2026 - Matej Cepl <mcepl@cepl.eu>
 - Add CVE-2025-11468-email-hdr-fold-comment.patch preserving
   parens when folding comments in email headers (bsc#1257029,
   CVE-2025-11468).
+- Add CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch, which
+  rejects control characters in http cookies (bsc#1257031,
+  CVE-2026-0672).
 
 -------------------------------------------------------------------
 Thu Dec 11 21:36:09 UTC 2025 - Matej Cepl <mcepl@cepl.eu>