Merge remote-tracking branch 'in_devel/slfo-main' into slfo-main

python314.spec

@@ -222,15 +222,25 @@ Patch40:        fix-test-recursion-limit-15.6.patch
 Patch41:        bsc1243155-sphinx-non-determinism.patch
 # PATCH-FIX-OPENSUSE gh139257-Support-docutils-0.22.patch gh#python/cpython#139257 daniel.garcia@suse.com
 Patch45:        gh139257-Support-docutils-0.22.patch
+# PATCH-FIX-UPSTREAM CVE-2024-6923-follow-up-EOL-email-headers.patch bsc#1257181 mcepl@suse.com
+# Encode newlines in headers when using ByteGenerator
+# patch from gh#python/cpython#144125
+Patch46:        CVE-2024-6923-follow-up-EOL-email-headers.patch
+# PATCH-FIX-UPSTREAM CVE-2025-11468-email-hdr-fold-comment.patch bsc#1257029 mcepl@suse.com
+# Email preserve parens when folding comments
+Patch47:        CVE-2025-11468-email-hdr-fold-comment.patch
+# PATCH-FIX-UPSTREAM CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch bsc#1257031 mcepl@suse.com
+# Reject control characters in http cookies
+Patch48:        CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch
 # PATCH-FIX-UPSTREAM CVE-2025-12781-b64decode-alt-chars.patch bsc#1257108 mcepl@suse.com
 # Fix decoding with non-standard Base64 alphabet gh#python/cpython#125346
-Patch46:        CVE-2025-12781-b64decode-alt-chars.patch
+Patch49:        CVE-2025-12781-b64decode-alt-chars.patch
 # PATCH-FIX-UPSTREAM CVE-2025-15366-imap-ctrl-chars.patch bsc#1257044 mcepl@suse.com
 # Reject control characters in wsgiref.headers.Headers
-Patch47:        CVE-2025-15366-imap-ctrl-chars.patch
+Patch50:        CVE-2025-15366-imap-ctrl-chars.patch
 # PATCH-FIX-UPSTREAM CVE-2025-15367-poplib-ctrl-chars.patch bsc#1257041 mcepl@suse.com
 # Reject control characters in poplib
-Patch48:        CVE-2025-15367-poplib-ctrl-chars.patch
+Patch51:        CVE-2025-15367-poplib-ctrl-chars.patch
 #### Python 3.14 END OF PATCHES
 BuildRequires:  autoconf-archive
 BuildRequires:  automake