| Message ID | 20260406190624.3889147-2-skandigraun@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-networking,whinlatter,1/2] dovecot: patch CVE-2025-59031 | expand |
diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb b/meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb index 769e693c5a..0f4ceac599 100644 --- a/meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb +++ b/meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb @@ -88,3 +88,4 @@ FILES:${PN}-dev += "${libdir}/dovecot/libdovecot*.so" FILES:${PN}-dbg += "${libdir}/dovecot/*/.debug" CVE_STATUS[CVE-2016-4983] = "not-applicable-platform: Affects only postinstall script on specific distribution." +CVE_STATUS[CVE-2026-0394] = "fixed-version: fixed in 2.4.1"
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0394 As identified[1] by Debian, the recipe version already contains the commits that fix this. Due to this mark it as patched. [1]: https://security-tracker.debian.org/tracker/CVE-2026-0394 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb | 1 + 1 file changed, 1 insertion(+)