Fix CVE-2026-1703, bsc#1257599

Add CVE-2026-1703.patch upstream patch
(bsc#1257599, CVE-2026-1703, gh#pypa/pip#13777)

python-pip.spec

@@ -47,6 +47,8 @@ Patch0:         pip-shipped-requests-cabundle.patch
 Patch1:         distutils-reproducible-compile.patch
 # PATCH-FIX-OPENSUSE: deal missing ca-certificates as "ssl not available"
 Patch2:         disable-ssl-context-in-buildenv.patch
+# PATCH-FIX-UPSTREAM CVE-2026-1703.patch gh#pypa/pip#13777
+Patch3:         CVE-2026-1703.patch
 BuildRequires:  %{python_module base >= 3.7}
 BuildRequires:  %{python_module setuptools >= 40.8.0}
 # The rpm python-wheel build is bootstrap friendly since 0.42