From 492b1b1adc1c546efd10b659d220a810736cc04a Mon Sep 17 00:00:00 2001
From: Alexandre Truong <alexandre.truong@smile.fr>
Date: Thu, 2 May 2024 11:55:23 +0200
Subject: [PATCH] evince: Update status for CVE-2011-0433 and CVE-2011-5244

The current version 46.0 is not affected by the issues.
Both issues have been fixed in commit [0].
The fix is in effect since early versions of evince (3.1.2).
Thus, both can be safely ignored.

[0]: https://gitlab.gnome.org/GNOME/evince/-/commit/efadec4ffcdde3373f6f4ca0eaac98dc963c4fd5

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 meta-gnome/recipes-gnome/evince/evince_46.0.bb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meta-gnome/recipes-gnome/evince/evince_46.0.bb b/meta-gnome/recipes-gnome/evince/evince_46.0.bb
index 57eb994e13..291d325848 100644
--- a/meta-gnome/recipes-gnome/evince/evince_46.0.bb
+++ b/meta-gnome/recipes-gnome/evince/evince_46.0.bb
@@ -56,3 +56,7 @@ FILES:${PN} += "${datadir}/dbus-1 \
                 ${systemd_user_unitdir} \
 "
 FILES:${PN}-nautilus-extension = "${libdir}/nautilus/*/*so"
+
+CVE_PRODUCT = "evince"
+CVE_STATUS[CVE-2011-0433] = "fixed-version: No action required. The current version (46.0) is not affected by the CVE which has been patched since version 3.1.2"
+CVE_STATUS[CVE-2011-5244] = "fixed-version: No action required. The current version (46.0) is not affected by the CVE which has been patched since version 3.1.2"