From: Ankur Tyagi <[email protected]> Vulnerable versions are 2.4.0, 2.4.1 according to the full disclosure[1]
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-30189 [1] https://seclists.org/fulldisclosure/2025/Oct/29 Signed-off-by: Ankur Tyagi <[email protected]> Adapted to Kirkstone. Signed-off-by: Gyorgy Sarvari <[email protected]> --- meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb index b9473d0345..c1fa702eaa 100644 --- a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb +++ b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb @@ -78,3 +78,6 @@ FILES:${PN}-dbg += "${libdir}/dovecot/*/.debug" # CVE-2016-4983 affects only postinstall script on specific distribution CVE_CHECK_IGNORE += "CVE-2016-4983" + +# cpe-incorrect: The current version (2.3.14) is not affected. +CVE_CHECK_IGNORE += "CVE-2025-30189"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124532): https://lists.openembedded.org/g/openembedded-devel/message/124532 Mute This Topic: https://lists.openembedded.org/mt/117942493/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
