diff --git a/RHEL-139760-fix-bundled-urllib3-CVE-2025-66471.patch b/RHEL-139760-fix-bundled-urllib3-CVE-2025-66471.patch
index c61c342..af37480 100644
--- a/RHEL-139760-fix-bundled-urllib3-CVE-2025-66471.patch
+++ b/RHEL-139760-fix-bundled-urllib3-CVE-2025-66471.patch
@@ -1,5 +1,5 @@
 --- a/aliyun/aliyunsdkcore/vendored/requests/packages/urllib3/response.py	2023-10-17 19:42:56.000000000 +0200
-+++ b/aliyun/aliyunsdkcore/vendored/requests/packages/urllib3/response.py	2026-01-13 11:24:13.592292511 +0100
++++ b/aliyun/aliyunsdkcore/vendored/requests/packages/urllib3/response.py	2026-01-16 10:53:08.058702582 +0100
 @@ -23,6 +23,7 @@
  from .exceptions import (
      BodyNotHttplibCompatible,
@@ -227,20 +227,19 @@
  
  
  def _get_decoder(mode):
-@@ -624,7 +736,11 @@
+@@ -624,7 +736,10 @@
              for line in self.read_chunked(amt, decode_content=decode_content):
                  yield line
          else:
 -            while not is_fp_closed(self._fp):
 +            while (
 +                not is_fp_closed(self._fp)
-+                or len(self._decoded_buffer) > 0
 +                or (self._decoder and self._decoder.has_unconsumed_tail)
 +            ):
                  data = self.read(amt=amt, decode_content=decode_content)
  
                  if data:
-@@ -830,7 +946,10 @@
+@@ -830,7 +945,10 @@
                      break
                  chunk = self._handle_chunk(amt)
                  decoded = self._decode(
@@ -254,7 +253,7 @@
                      yield decoded
 
 --- a/gcp/google-cloud-sdk/lib/third_party/urllib3/response.py	2023-10-17 19:42:56.000000000 +0200
-+++ b/gcp/google-cloud-sdk/lib/third_party/urllib3/response.py	2026-01-13 11:24:13.592292511 +0100
++++ b/gcp/google-cloud-sdk/lib/third_party/urllib3/response.py	2026-01-16 10:53:08.058702582 +0100
 @@ -23,6 +23,7 @@
  from .exceptions import (
      BodyNotHttplibCompatible,
@@ -482,20 +481,19 @@
  
  
  def _get_decoder(mode):
-@@ -624,7 +736,11 @@
+@@ -624,7 +736,10 @@
              for line in self.read_chunked(amt, decode_content=decode_content):
                  yield line
          else:
 -            while not is_fp_closed(self._fp):
 +            while (
 +                not is_fp_closed(self._fp)
-+                or len(self._decoded_buffer) > 0
 +                or (self._decoder and self._decoder.has_unconsumed_tail)
 +            ):
                  data = self.read(amt=amt, decode_content=decode_content)
  
                  if data:
-@@ -830,7 +946,10 @@
+@@ -830,7 +945,10 @@
                      break
                  chunk = self._handle_chunk(amt)
                  decoded = self._decode(
diff --git a/resource-agents.spec b/resource-agents.spec
index 326f6ad..d1db658 100644
--- a/resource-agents.spec
+++ b/resource-agents.spec
@@ -73,7 +73,7 @@
 Name:		resource-agents
 Summary:	Open Source HA Reusable Cluster Resource Scripts
 Version:	4.9.0
-Release:	54%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}.25
+Release:	54%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist}.26
 License:	GPLv2+ and LGPLv2+
 URL:		https://github.com/ClusterLabs/resource-agents
 %if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel}
@@ -1051,7 +1051,7 @@ ccs_update_schema > /dev/null 2>&1 ||:
 %{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm
 
 %changelog
-* Wed Jan 14 2026 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-54.25
+* Fri Jan 16 2026 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.9.0-54.26
 - bundled urllib3: fix CVE-2025-66471
 - bundled urllib3: fix CVE-2026-21441