Candidate: CVE-2012-5825
PublicDate: 2012-11-04 22:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5825
 http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
Description:
 Tweepy does not verify that the server hostname matches a domain name in
 the subject's Common Name (CN) or subjectAltName field of the X.509
 certificate, which allows man-in-the-middle attackers to spoof SSL servers
 via an arbitrary valid certificate, related to use of the Python httplib
 library.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_tweepy:
upstream_tweepy: needed
hardy_tweepy: DNE
lucid_tweepy: DNE
oneiric_tweepy: ignored (reached end-of-life)
precise_tweepy: ignored (reached end-of-life)
precise/esm_tweepy: DNE (precise was needed)
quantal_tweepy: ignored (reached end-of-life)
raring_tweepy: ignored (reached end-of-life)
saucy_tweepy: ignored (reached end-of-life)
trusty_tweepy: ignored (reached end-of-life)
trusty/esm_tweepy: DNE (trusty was needed)
utopic_tweepy: ignored (reached end-of-life)
vivid_tweepy: ignored (reached end-of-life)
vivid/stable-phone-overlay_tweepy: DNE
vivid/ubuntu-core_tweepy: DNE
wily_tweepy: ignored (reached end-of-life)
xenial_tweepy: not-affected (3.1.0-2)
yakkety_tweepy: ignored (reached end-of-life)
zesty_tweepy: ignored (reached end-of-life)
artful_tweepy: ignored (reached end-of-life)
bionic_tweepy: not-affected (3.1.0-2)
cosmic_tweepy: not-affected (3.1.0-2)
disco_tweepy: not-affected (3.1.0-2)
devel_tweepy: not-affected (3.1.0-2)