fix: improve gimp checker (#2992)

Improve gimp checker to avoid a false positive with stellarium which
embeds images created with GIMP 2.9.9

Signed-off-by: Fabrice Fontaine <[email protected]>
Co-authored-by: Terri Oda <[email protected]>

Author: ffontaine

cve_bin_tool/checkers/gimp.py

@@ -16,5 +16,5 @@
 class GimpChecker(Checker):
     CONTAINS_PATTERNS: list[str] = []
     FILENAME_PATTERNS = [r"gimp"]
-    VERSION_PATTERNS = [r"GIMP ([0-9]+\.[0-9]+\.[0-9]+)"]
+    VERSION_PATTERNS = [r"image-uri\r?\nGIMP ([0-9]+\.[0-9]+\.[0-9]+)"]
     VENDOR_PRODUCT = [("gimp", "gimp")]

test/test_data/gimp.py

@@ -2,7 +2,11 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 mapping_test_data = [
-    {"product": "gimp", "version": "2.6.10", "version_strings": ["GIMP 2.6.10"]}
+    {
+        "product": "gimp",
+        "version": "2.6.10",
+        "version_strings": ["image-uri\nGIMP 2.6.10"],
+    }
 ]
 package_test_data = [
     {

test/test_data/stellarium.py

@@ -10,7 +10,6 @@
         "package_name": "stellarium-1.2-9.fc39.aarch64.rpm",
         "product": "stellarium",
         "version": "1.2",
-        "other_products": ["gimp"],
     },
     {
         "url": "http://ftp.fr.debian.org/debian/pool/main/s/stellarium/",