From 363dc629d40f87681360fd0e90a5fd60ffccd1a4 Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Thu, 29 Jan 2026 07:31:25 +0100
Subject: python3-twitter: mark CVE-2012-5825 patched

Details: https://nvd.nist.gov/vuln/detail/CVE-2012-5825

The Debian bugtracker[1] indicated that the issue is tracked by
upstream in github[2] (with a difference CVE ID, but same issue),
where the vulnerability was confirmed. Later in the same github issue
the solution is confirmed: the project switched to use the requests
library, which doesn't suffer from this vulnerability.

Due to this mark the CVE as patched.

[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692444
[2]: https://github.com/tweepy/tweepy/issues/279

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 3ee544e7591b36a49550a263a0ec4d64b5e490e8)

Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-python/recipes-devtools/python/python3-twitter_4.8.0.bb | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'meta-python/recipes-devtools/python')

diff --git a/meta-python/recipes-devtools/python/python3-twitter_4.8.0.bb b/meta-python/recipes-devtools/python/python3-twitter_4.8.0.bb
index 247b4e5840..0b174684a9 100644
--- a/meta-python/recipes-devtools/python/python3-twitter_4.8.0.bb
+++ b/meta-python/recipes-devtools/python/python3-twitter_4.8.0.bb
@@ -16,3 +16,6 @@ RDEPENDS:${PN} += "\
     ${PYTHON_PN}-requests \
     ${PYTHON_PN}-six \
 "
+
+# fixed-version: The vulnerability has been fixed since v3.1.0
+CVE_CHECK_IGNORE += "CVE-2012-5825"
-- 
cgit v1.2.3-54-g00ecf