1 ignored security issue in jessie

package:
tweepy
severity:
low
created:
2015-07-12
last updated:
2019-02-07

There is 1 open security issue in jessie.
1 issue skipped by the security teams:
  • CVE-2012-5825: Tweepy does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the Python httplib library.
Please fix it.