diff mbox series

[meta-networking,scarthgap] dovecot: ignore CVE-2025-30189

Message ID 20260214011317.179127-1-ankur.tyagi85@gmail.com
State New
Headers show
Series [meta-networking,scarthgap] dovecot: ignore CVE-2025-30189 | expand

Commit Message

Ankur Tyagi Feb. 14, 2026, 1:13 a.m. UTC 
From: Ankur Tyagi <ankur.tyagi85@gmail.com>

Vulnerable versions are 2.4.0, 2.4.1 according to the full disclosure[1]

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-30189

[1] https://seclists.org/fulldisclosure/2025/Oct/29

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 meta-networking/recipes-support/dovecot/dovecot_2.3.21.1.bb | 1 +
 1 file changed, 1 insertion(+)
diff mbox series

Patch

diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.3.21.1.bb b/meta-networking/recipes-support/dovecot/dovecot_2.3.21.1.bb
index 48e1e8a832..696257930a 100644
--- a/meta-networking/recipes-support/dovecot/dovecot_2.3.21.1.bb
+++ b/meta-networking/recipes-support/dovecot/dovecot_2.3.21.1.bb
@@ -73,3 +73,4 @@  FILES:${PN}-dev += "${libdir}/dovecot/libdovecot*.so"
 FILES:${PN}-dbg += "${libdir}/dovecot/*/.debug"
 
 CVE_STATUS[CVE-2016-4983] = "not-applicable-platform: Affects only postinstall script on specific distribution."
+CVE_STATUS[CVE-2025-30189] = "cpe-incorrect: The current version (2.3.21.1) is not affected."