auto-created for doomsday

This commit was autocreated by AutoGits PR Review Bot

referencing PRs:
 PR: pool/doomsday!1

.gitmodules

@@ -26242,3 +26242,7 @@
 	path = openQA-devel-container
 	url =  ../../pool/openQA-devel-container
 	branch = leap-16.0
+[submodule "doomsday"]
+	path = doomsday
+	url = ../../pool/doomsday
+	branch = leap-16.0

patchinfo.20260120143234408409.93181000773252/_patchinfo

@@ -0,0 +1,15 @@
+<patchinfo incident="packagehub-86">
+  <issue tracker="cve" id="2025-68616">VUL-0: CVE-2025-68616: python-weasyprint: server-side request forgery (SSRF) protection bypass via HTTP redirects allows access to internal network resources</issue>
+  <issue tracker="bnc" id="1256936">VUL-0: CVE-2025-68616: python-weasyprint: server-side request forgery (SSRF) protection bypass via HTTP redirects allows access to internal network resources</issue>
+  <packager>dgarcia</packager>
+  <rating>important</rating>
+  <category>security</category>
+  <summary>Security update for python-weasyprint</summary>
+  <description>This update for python-weasyprint fixes the following issues:
+
+Changes in python-weasyprint:
+
+- CVE-2025-68616: Fixed a server-side request forgery in default fetcher (boo#1256936).
+</description>
+  <package>python-weasyprint</package>
+</patchinfo>

patchinfo.20260120155333040130.93181000773252/_patchinfo

@@ -1,32 +0,0 @@
-<patchinfo>
-  <issue tracker="cve" id="2026-22772"/>
-  <issue tracker="bnc" id="1256546">VUL-0: CVE-2025-47911: TRACKERBUG: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents</issue>
-  <packager>dirkmueller</packager>
-  <rating>moderate</rating>
-  <category>recommended</category>
-  <summary>Recommended update for hauler</summary>
-  <description>This update for hauler fixes the following issues:
-
-Changes in hauler:
-
-- Update to version 1.4.1 (bsc#1256546, CVE-2026-22772):
-  * fixed typos for containerd imports (#493)
-  * fix and support containerd imports of `hauls` (#492)
-  * bump github.com/sigstore/fulcio (#489)
-
-- Update to version 1.4.0:
-  * added/updated logging for `serve` and `remove` (#487)
-  * added/fixed helm chart images/dependencies features (#485)
-  * more experimental feature updates (#486)
-  * add experimental notes (#483)
-  * updated tempdir flag to store persistent flags (#484)
-  * delete artifacts from store (#473)
-  * path rewrites (#475)
-  * updated/fixed workflow dependency versions (#478)
-
-- Update to version 1.3.2:
-  * bump to latest cosign fork release (#481)
-  * Bump golang.org/x/crypto in the go_modules group across 1 directory (#476)
-</description>
-  <package>hauler</package>
-</patchinfo>

patchinfo.20260126195507763486.93181000773252/_patchinfo

@@ -0,0 +1,12 @@
+<patchinfo>
+  <packager>eroca</packager>
+  <rating>moderate</rating>
+  <category>recommended</category>
+  <summary>Recommended update for doomsday</summary>
+  <description>This update for doomsday fixes the following issues:
+
+Introduces doomsday.
+
+</description>
+  <package>doomsday</package>
+</patchinfo>