python3-twitter: mark CVE-2012-5825 patched

Details: https://nvd.nist.gov/vuln/detail/CVE-2012-5825 The Debian bugtracker[1] indicated that the issue is tracked by upstream in github[2] (with a difference CVE ID, but same issue), where the vulnerability was confirmed. Later in the same github issue the solution is confirmed: the project switched to use the requests library, which doesn't suffer from this vulnerability. Due to this mark the CVE as patched. [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692444 [2]: https://github.com/tweepy/tweepy/issues/279 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 3ee544e7591b36a49550a263a0ec4d64b5e490e8) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-04-02 02:49:12 +00:00 · 2026-01-23 18:02:17 +01:00 · 2026-01-23 18:02:17 +01:00 · 13e671d322
commit 13e671d322
parent eb50cc82be
1 changed files with 2 additions and 0 deletions
--- a/meta-python/recipes-devtools/python/python3-twitter_4.14.0.bb
+++ b/meta-python/recipes-devtools/python/python3-twitter_4.14.0.bb
@ -17,3 +17,5 @@ RDEPENDS:${PN} += "\
    python3-requests-oauthlib \
    python3-six \
 "
+
+CVE_STATUS[CVE-2012-5825] = "fixed-version: The vulnerability has been fixed since v3.1.0"