From 57b82451405b94056d6da15ec0a192ddd9bd510e Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Wed, 7 Jan 2026 12:33:43 +0100
Subject: [PATCH] python3-m2crypto: mark CVE-2020-25657 as patched

Details: https://nvd.nist.gov/vuln/detail/CVE-2020-25657

The commit[1] that fixes the vulnerability has been part of the
package since version 0.39.0

[1]: https://git.sr.ht/~mcepl/m2crypto/commit/84c53958def0f510e92119fca14d74f94215827a

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb b/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb
index 92b14787fa..bd7a2369bd 100644
--- a/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb
+++ b/meta-python/recipes-devtools/python/python3-m2crypto_0.46.2.bb
@@ -13,6 +13,7 @@ SRC_URI += " \
 "
 
 CVE_STATUS[CVE-2009-0127] = "disputed: upstream claims there is no bug"
+CVE_STATUS[CVE-2020-25657] = "fixed-version: the used version (0.46.2) contains the fix already"
 
 inherit pypi siteinfo python_setuptools_build_meta