diff mbox series

[meta-gnome,scarthgap,1/2] gimp: ignore CVE-2025-14424

Message ID 20260304203944.2551023-1-skandigraun@gmail.com
State New
Headers show
Series [meta-gnome,scarthgap,1/2] gimp: ignore CVE-2025-14424 | expand

Commit Message

Gyorgy Sarvari March 4, 2026, 8:39 p.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14424

The vulnerbaility was introduced in version 3.0.0, with commit[1].
The recipe version isn't vulnerable - ignore this CVE.

[1]: https://gitlab.gnome.org/GNOME/gimp/-/commit/a0fc5a025ae3579609730ebabc3c84146385da76

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb | 1 +
 1 file changed, 1 insertion(+)
diff mbox series

Patch

diff --git a/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb b/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb
index 8aa5ee09cb..dd3a1e3e1b 100644
--- a/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb
+++ b/meta-gnome/recipes-gimp/gimp/gimp_2.10.38.bb
@@ -78,3 +78,4 @@  RDEPENDS:${PN} += "mypaint-brushes-1.0"
 CVE_STATUS[CVE-2007-3741] = "not-applicable-platform: This only applies for Mandriva Linux"
 CVE_STATUS[CVE-2025-48796] = "cpe-incorrect: The current version (2.10.38) is not affected."
 CVE_STATUS[CVE-2025-14423] = "cpe-incorrect: The vulnerability was introduced in v3.0"
+CVE_STATUS[CVE-2025-14424] = "cpe-incorrect: The vulnerability was introduced in v3.0"