diff mbox series

[meta-gnome,kirkstone] gimp: ignore irrelevant CVEs

Message ID 20260308140427.3258512-1-skandigraun@gmail.com
State New
Headers show
Series [meta-gnome,kirkstone] gimp: ignore irrelevant CVEs | expand

Commit Message

Gyorgy Sarvari March 8, 2026, 2:04 p.m. UTC 
These CVEs are not affecting the recipe, because they were introduced
later, in v3.0.

The commits the introduced the vulnerabilities:
CVE-2025-14423: https://gitlab.gnome.org/GNOME/gimp/-/commit/222bef78c71ed8562a610f6863d56c0b3e2bef68
CVE-2025-14424: https://gitlab.gnome.org/GNOME/gimp/-/commit/a0fc5a025ae3579609730ebabc3c84146385da76
CVE-2025-2047: https://gitlab.gnome.org/GNOME/gimp/-/commit/00232e17875d4676a2c797a429db23b1a9815db8

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb | 3 +++
 1 file changed, 3 insertions(+)
diff mbox series

Patch

diff --git a/meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb b/meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb
index ad9d34ef6d..4d2771e551 100644
--- a/meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb
+++ b/meta-gnome/recipes-gimp/gimp/gimp_2.10.30.bb
@@ -75,3 +75,6 @@  RDEPENDS:${PN} += "mypaint-brushes-1.0"
 
 # It has been fixed in version 2.2.16
 CVE_CHECK_IGNORE += "CVE-2007-3741"
+
+# These vulnerabilities were introduced in v3.0
+CVE_CHECK_IGNORE += "CVE-2025-14423 CVE-2025-14224 CVE-2025-2047"