dovecot: ignore CVE-2025-30189

Vulnerable versions are 2.4.0, 2.4.1 according to the full disclosure[1] Details: https://nvd.nist.gov/vuln/detail/CVE-2025-30189 [1] https://seclists.org/fulldisclosure/2025/Oct/29 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-06-13 17:39:57 +00:00 · 2026-02-14 14:13:16 +13:00
parent f243689cda
commit c9662d5451
1 changed files with 1 additions and 0 deletions
@@ -73,3 +73,4 @@ FILES:${PN}-dev += "${libdir}/dovecot/libdovecot*.so"
 FILES:${PN}-dbg += "${libdir}/dovecot/*/.debug"

 CVE_STATUS[CVE-2016-4983] = "not-applicable-platform: Affects only postinstall script on specific distribution."
+CVE_STATUS[CVE-2025-30189] = "cpe-incorrect: The current version (2.3.21.1) is not affected."