gimp: ignore already fixed CVEs

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0797 https://nvd.nist.gov/vuln/detail/CVE-2026-2044 https://nvd.nist.gov/vuln/detail/CVE-2026-2045 https://nvd.nist.gov/vuln/detail/CVE-2026-2047 https://nvd.nist.gov/vuln/detail/CVE-2026-2048 All these CVEs are already fixed in the recipe version, however NVD tracks them currently without CPE info. Ignore them. Relevant upstream commits: CVE-2026-0797: ca449c745d Note that the commit referenced by NVD is incorrect. This commit was identified from the relevant upstream Gitlab issue: https://gitlab.gnome.org/GNOME/gimp/-/issues/15555 CVE-2026-2044: 3b5f9ec2b4 CVE-2026-2045: bb896f6794 CVE-2026-2047: 5873e16f80 CVE-2026-2048: fa69ac5ec5 Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-04-02 02:49:12 +00:00 · 2026-02-24 20:04:50 +01:00 · 2026-02-24 20:04:50 +01:00 · 4660316de2
commit 4660316de2
parent 12845752e1
1 changed files with 4 additions and 1 deletions
--- a/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb
+++ b/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb
@ -135,4 +135,7 @@ RDEPENDS:${PN} = "mypaint-brushes-1.0 glib-networking python3-pygobject"

 CVE_STATUS[CVE-2007-3741] = "not-applicable-platform: This only applies for Mandriva Linux"
 CVE_STATUS[CVE-2025-8672] = "not-applicable-config: the vulnerability only affects MacOS"
-CVE_STATUS[CVE-2025-15059] = "fixed-version: The issue is fixed since v3.0.8"
+
+CVE_STATUS_GROUPS += "CVE_STATUS_FIXED_ALREADY"
+CVE_STATUS_FIXED_ALREADY[status] = "fixed-version: The issue is fixed since v3.0.8"
+CVE_STATUS_FIXED_ALREADY = "CVE-2025-15059 CVE-2026-0797 CVE-2026-2044 CVE-2026-2045 CVE-2026-2047 CVE-2026-2048"