gimp: ignore already fixed CVEs

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0797 https://nvd.nist.gov/vuln/detail/CVE-2026-2044 https://nvd.nist.gov/vuln/detail/CVE-2026-2045 https://nvd.nist.gov/vuln/detail/CVE-2026-2047 https://nvd.nist.gov/vuln/detail/CVE-2026-2048 All these CVEs are already fixed in the recipe version, however NVD tracks them currently without CPE info. Ignore them. Relevant upstream commits: CVE-2026-0797: https://gitlab.gnome.org/GNOME/gimp/-/commit/ca449c745d58daa3f4b1ed4c2030d35d401a009d Note that the commit referenced by NVD is incorrect. This commit was identified from the relevant upstream Gitlab issue: https://gitlab.gnome.org/GNOME/gimp/-/issues/15555 CVE-2026-2044: https://gitlab.gnome.org/GNOME/gimp/-/commit/3b5f9ec2b4c03cf4a51a5414f2793844c26747e5 CVE-2026-2045: https://gitlab.gnome.org/GNOME/gimp/-/commit/bb896f67942557658b3fbfc67a1c073775c002c7 CVE-2026-2047: https://gitlab.gnome.org/GNOME/gimp/-/commit/5873e16f80cf4152d25a4c86b08553008a331e90 CVE-2026-2048: https://gitlab.gnome.org/GNOME/gimp/-/commit/fa69ac5ec5692f675de5c50a6df758f7d3e45117 Signed-off-by: Khem Raj <raj.khem@gmail.com>
author: Gyorgy Sarvari <skandigraun@gmail.com> 2026-02-23 20:18:40 +0100
committer: Khem Raj <raj.khem@gmail.com> 2026-02-24 22:30:27 -0800
commit: 9dec2c8aef23f1046a2b2c6eb6d3ec3a45893474 (patch)
tree: 2bee49a83fa050b8c3f27dd694c1f0aec3fa9207
parent: 3cabaa4ee7f65039dbf146a3506ee011da1ec2d4 (diff)
download: meta-openembedded-9dec2c8aef23f1046a2b2c6eb6d3ec3a45893474.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb b/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb
index 860fb5d26b..5cbb94055a 100644
--- a/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb
+++ b/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb
@@ -135,4 +135,7 @@ RDEPENDS:${PN} = "mypaint-brushes-1.0 glib-networking python3-pygobject"
 CVE_STATUS[CVE-2007-3741] = "not-applicable-platform: This only applies for Mandriva Linux"
 CVE_STATUS[CVE-2025-8672] = "not-applicable-config: the vulnerability only affects MacOS"
-CVE_STATUS[CVE-2025-15059] = "fixed-version: The issue is fixed since v3.0.8"
+CVE_STATUS_GROUPS += "CVE_STATUS_FIXED_ALREADY"
+CVE_STATUS_FIXED_ALREADY[status] = "fixed-version: The issue is fixed since v3.0.8"
+CVE_STATUS_FIXED_ALREADY = "CVE-2025-15059 CVE-2026-0797 CVE-2026-2044 CVE-2026-2045 CVE-2026-2047 CVE-2026-2048"
author	Gyorgy Sarvari <skandigraun@gmail.com>	2026-02-23 20:18:40 +0100
committer	Khem Raj <raj.khem@gmail.com>	2026-02-24 22:30:27 -0800
commit	9dec2c8aef23f1046a2b2c6eb6d3ec3a45893474 (patch)
tree	2bee49a83fa050b8c3f27dd694c1f0aec3fa9207
parent	3cabaa4ee7f65039dbf146a3506ee011da1ec2d4 (diff)
download	meta-openembedded-9dec2c8aef23f1046a2b2c6eb6d3ec3a45893474.tar.gz

diff --git a/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb b/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb index 860fb5d26b..5cbb94055a 100644 --- a/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb +++ b/meta-gnome/recipes-gimp/gimp/gimp_3.0.8.bb
@@ -135,4 +135,7 @@ RDEPENDS:${PN} = "mypaint-brushes-1.0 glib-networking python3-pygobject"
135		135
136	CVE_STATUS[CVE-2007-3741] = "not-applicable-platform: This only applies for Mandriva Linux"	136	CVE_STATUS[CVE-2007-3741] = "not-applicable-platform: This only applies for Mandriva Linux"
137	CVE_STATUS[CVE-2025-8672] = "not-applicable-config: the vulnerability only affects MacOS"	137	CVE_STATUS[CVE-2025-8672] = "not-applicable-config: the vulnerability only affects MacOS"
138	CVE_STATUS[CVE-2025-15059] = "fixed-version: The issue is fixed since v3.0.8"	138
		139	CVE_STATUS_GROUPS += "CVE_STATUS_FIXED_ALREADY"
		140	CVE_STATUS_FIXED_ALREADY[status] = "fixed-version: The issue is fixed since v3.0.8"
		141	CVE_STATUS_FIXED_ALREADY = "CVE-2025-15059 CVE-2026-0797 CVE-2026-2044 CVE-2026-2045 CVE-2026-2047 CVE-2026-2048"