GET

Cover Letter Detail

Show a cover letter.

GET /api/1.2/covers/2231092/?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2231092,
    "url": "http://patchwork.ozlabs.org/api/1.2/covers/2231092/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/glibc/cover/cover.1777546194.git.fweimer@redhat.com/",
    "project": {
        "id": 41,
        "url": "http://patchwork.ozlabs.org/api/1.2/projects/41/?format=api",
        "name": "GNU C Library",
        "link_name": "glibc",
        "list_id": "libc-alpha.sourceware.org",
        "list_email": "libc-alpha@sourceware.org",
        "web_url": "",
        "scm_url": "",
        "webscm_url": "",
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<cover.1777546194.git.fweimer@redhat.com>",
    "list_archive_url": null,
    "date": "2026-04-30T10:51:34",
    "name": "[0/5] Fixes for CVE-2026-5435, CVE-2026-6238",
    "submitter": {
        "id": 14312,
        "url": "http://patchwork.ozlabs.org/api/1.2/people/14312/?format=api",
        "name": "Florian Weimer",
        "email": "fweimer@redhat.com"
    },
    "mbox": "http://patchwork.ozlabs.org/project/glibc/cover/cover.1777546194.git.fweimer@redhat.com/mbox/",
    "series": [
        {
            "id": 502273,
            "url": "http://patchwork.ozlabs.org/api/1.2/series/502273/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/glibc/list/?series=502273",
            "date": "2026-04-30T10:51:34",
            "name": "Fixes for CVE-2026-5435, CVE-2026-6238",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/502273/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/covers/2231092/comments/",
    "headers": {
        "Return-Path": "<libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org>",
        "X-Original-To": [
            "incoming@patchwork.ozlabs.org",
            "libc-alpha@sourceware.org"
        ],
        "Delivered-To": [
            "patchwork-incoming@legolas.ozlabs.org",
            "libc-alpha@sourceware.org"
        ],
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=SJNFKb9E;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org\n (client-ip=2620:52:6:3111::32; helo=vm01.sourceware.org;\n envelope-from=libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org;\n receiver=patchwork.ozlabs.org)",
            "sourceware.org;\n\tdkim=pass (1024-bit key,\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=SJNFKb9E",
            "sourceware.org; dmarc=pass (p=quarantine dis=none)\n header.from=redhat.com",
            "sourceware.org; spf=pass smtp.mailfrom=redhat.com",
            "server2.sourceware.org;\n arc=none smtp.remote-ip=170.10.133.124"
        ],
        "Received": [
            "from vm01.sourceware.org (vm01.sourceware.org\n [IPv6:2620:52:6:3111::32])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5rb66Xnwz1yGq\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 20:52:02 +1000 (AEST)",
            "from vm01.sourceware.org (localhost [127.0.0.1])\n\tby sourceware.org (Postfix) with ESMTP id 6B6734371D69\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 10:52:00 +0000 (GMT)",
            "from us-smtp-delivery-124.mimecast.com\n (us-smtp-delivery-124.mimecast.com [170.10.133.124])\n by sourceware.org (Postfix) with ESMTP id 824EB4371D64\n for <libc-alpha@sourceware.org>; Thu, 30 Apr 2026 10:51:40 +0000 (GMT)",
            "from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com\n (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by\n relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,\n cipher=TLS_AES_256_GCM_SHA384) id us-mta-478-knitDXxiNA272lySFpU4GQ-1; Thu,\n 30 Apr 2026 06:51:38 -0400",
            "from mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com\n (mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.111])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS\n id 00D3E18004AD\n for <libc-alpha@sourceware.org>; Thu, 30 Apr 2026 10:51:38 +0000 (UTC)",
            "from fweimer-oldenburg.csb.redhat.com (unknown [10.44.48.4])\n by mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with\n ESMTPS\n id 4D6161800446\n for <libc-alpha@sourceware.org>; Thu, 30 Apr 2026 10:51:36 +0000 (UTC)"
        ],
        "DKIM-Filter": [
            "OpenDKIM Filter v2.11.0 sourceware.org 6B6734371D69",
            "OpenDKIM Filter v2.11.0 sourceware.org 824EB4371D64"
        ],
        "DMARC-Filter": "OpenDMARC Filter v1.4.2 sourceware.org 824EB4371D64",
        "ARC-Filter": "OpenARC Filter v1.0.0 sourceware.org 824EB4371D64",
        "ARC-Seal": "i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1777546300; cv=none;\n b=UCDkQuKvxfejQpsn4AVT9hnBiqzN53RiMcXRa4e2baI5yrLEPX20/UgI0hJyO1YifxY8EZmoF+RhZbRYUkH9PnXdWnYMvcpF8jrI27qskpPhmeM156PgASi3elVAHLSwK2IVuJwN0oCNT0Hc+BvP2pEQ5aFqlGleGpYlJoH8Irk=",
        "ARC-Message-Signature": "i=1; a=rsa-sha256; d=sourceware.org; s=key;\n t=1777546300; c=relaxed/simple;\n bh=Kra5ImuYlMRO0dlFoi0bRxVPcrZ0B6rzZnSsKVckkl8=;\n h=DKIM-Signature:From:To:Subject:Message-ID:Date:MIME-Version;\n b=a2UOqBMUmPVFBestX6wUUdkDCmcBFl5TH3A/AJkxyr8KuqbV7AC27r8AsO8Bfk0Nnb4PhZiTx+zkl1189/dFU3LUPuTfirEpp9OWXcbusg8TLToctd6IJXX/dAPUdYfJJlKRuEviQQTUocLn7Te8/sdiVnlg+IyjY8DWRsgNQN4=",
        "ARC-Authentication-Results": "i=1; server2.sourceware.org",
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n s=mimecast20190719; t=1777546300;\n h=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n to:to:cc:mime-version:mime-version:content-type:content-type;\n bh=HZanmWBU8YRBbVECoOym5/B05i6Aq6DQrj9AD88e88M=;\n b=SJNFKb9E4Xwr9nl2GwDdc9IBxxkzmrA5WV92/mcQnhaKHIZ94YWm/G2/+piiipPwCQltEK\n CpenuSMz0QL2WVKY1wQmEfW6PGoB3l5B/P0hj45tuIe1gB+XeDD+aBG1x20NeNjCN2LHzf\n UBxTjcxxmvwZWwU+/aVbRSvHwDDg+fE=",
        "X-MC-Unique": "knitDXxiNA272lySFpU4GQ-1",
        "X-Mimecast-MFC-AGG-ID": "knitDXxiNA272lySFpU4GQ_1777546298",
        "From": "Florian Weimer <fweimer@redhat.com>",
        "To": "libc-alpha@sourceware.org",
        "Subject": "[PATCH 0/5] Fixes for CVE-2026-5435, CVE-2026-6238",
        "Message-ID": "<cover.1777546194.git.fweimer@redhat.com>",
        "X-From-Line": "c0191a0afbfd6837bc7bc1b2695eaacf3e41b0fe Mon Sep 17 00:00:00 2001",
        "Date": "Thu, 30 Apr 2026 12:51:34 +0200",
        "User-Agent": "Gnus/5.13 (Gnus v5.13)",
        "MIME-Version": "1.0",
        "X-Scanned-By": "MIMEDefang 3.4.1 on 10.30.177.111",
        "X-Mimecast-Spam-Score": "0",
        "X-Mimecast-MFC-PROC-ID": "9hDoR_7hLbtqXYoNeq6dZXHcpd9iNnuET2GarWPwKPg_1777546298",
        "X-Mimecast-Originator": "redhat.com",
        "Content-Type": "text/plain",
        "X-BeenThere": "libc-alpha@sourceware.org",
        "X-Mailman-Version": "2.1.30",
        "Precedence": "list",
        "List-Id": "Libc-alpha mailing list <libc-alpha.sourceware.org>",
        "List-Unsubscribe": "<https://sourceware.org/mailman/options/libc-alpha>,\n <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>",
        "List-Archive": "<https://sourceware.org/pipermail/libc-alpha/>",
        "List-Post": "<mailto:libc-alpha@sourceware.org>",
        "List-Help": "<mailto:libc-alpha-request@sourceware.org?subject=help>",
        "List-Subscribe": "<https://sourceware.org/mailman/listinfo/libc-alpha>,\n <mailto:libc-alpha-request@sourceware.org?subject=subscribe>",
        "Errors-To": "libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org"
    },
    "content": "CVE-2026-6238 has multiple vulnerable commits across different glibc\nversions.  Technically, this means the CVE ID should be SPLIT.  I'm not\nsure if this is worthwhile because I doubt people care about glibc\nbefore version 2.7.\n\nThanks,\nFlorian\n\nFlorian Weimer (5):\n  Update GLIBC-SA-2026-0012 to mention A6 records\n  resolv: Check for inet_ntop failure in ns_sprintrrf\n  resolv: Remove incorrect parts of TSIG handling from ns_sprintrrf\n    (CVE-2026-5435)\n  resolv: Fix buffer overreads in ns_sprintrrf (CVE-2026-6238)\n  resolv: Add test case tst-ns_sprintrr (bug 34033, bug 34069)\n\n advisories/GLIBC-SA-2026-0012 |   4 +-\n resolv/Makefile               |   2 +\n resolv/ns_print.c             |  46 ++---\n resolv/tst-ns_sprintrr.c      | 322 ++++++++++++++++++++++++++++++++++\n 4 files changed, 352 insertions(+), 22 deletions(-)\n create mode 100644 resolv/tst-ns_sprintrr.c\n\n\nbase-commit: dbc2b380fac027fed5db6ae864e4accf9f82a3fd"
}