From d1b12c6bd100a6b46d10cf75468e6d73a6c376b8 Mon Sep 17 00:00:00 2001
From: Alexandre Truong <alexandre.truong@smile.fr>
Date: Mon, 27 Oct 2025 15:15:52 +0100
Subject: [PATCH] evince: Update status for CVE-2011-0433 and CVE-2011-5244

The current version 46.0 is not affected by the issues.
Both issues have been fixed in commit [0].
The fix is in effect since early versions of evince (3.1.2).
Thus, both can be safely ignored.

[0]: https://gitlab.gnome.org/GNOME/evince/-/commit/efadec4ffcdde3373f6f4ca0eaac98dc963c4fd5

Signed-off-by: Alexandre Truong <alexandre.truong@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 492b1b1adc1c546efd10b659d220a810736cc04a)

Reworked for Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 meta-gnome/recipes-gnome/evince/evince_42.3.bb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meta-gnome/recipes-gnome/evince/evince_42.3.bb b/meta-gnome/recipes-gnome/evince/evince_42.3.bb
index 5f35d5b33b..7b6170a2f8 100644
--- a/meta-gnome/recipes-gnome/evince/evince_42.3.bb
+++ b/meta-gnome/recipes-gnome/evince/evince_42.3.bb
@@ -51,3 +51,7 @@ FILES:${PN} += "${datadir}/dbus-1 \
                 ${datadir}/thumbnailers \
 "
 FILES:${PN}-nautilus-extension = "${libdir}/nautilus/*/*so"
+
+CVE_PRODUCT = "evince"
+# fixed-version: No action required. The current version (42.3) is not affected by the CVE which has been patched since version 3.1.2
+CVE_CHECK_IGNORE += "CVE-2021-0433 CVE-2011-5244"