mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 04:17:25 +00:00
python3-twitter: mark CVE-2012-5825 patched
Details: https://nvd.nist.gov/vuln/detail/CVE-2012-5825
The Debian bugtracker[1] indicated that the issue is tracked by
upstream in github[2] (with a difference CVE ID, but same issue),
where the vulnerability was confirmed. Later in the same github issue
the solution is confirmed: the project switched to use the requests
library, which doesn't suffer from this vulnerability.
Due to this mark the CVE as patched.
[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692444
[2]: https://github.com/tweepy/tweepy/issues/279
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3ee544e759)
Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
@@ -16,3 +16,6 @@ RDEPENDS:${PN} += "\
|
|||||||
${PYTHON_PN}-requests \
|
${PYTHON_PN}-requests \
|
||||||
${PYTHON_PN}-six \
|
${PYTHON_PN}-six \
|
||||||
"
|
"
|
||||||
|
|
||||||
|
# fixed-version: The vulnerability has been fixed since v3.1.0
|
||||||
|
CVE_CHECK_IGNORE += "CVE-2012-5825"
|
||||||
|
|||||||
Reference in New Issue
Block a user