From d994b091f699bf6a7feba7ecf01712ae280ce4ac Mon Sep 17 00:00:00 2001
From: Gyorgy Sarvari <skandigraun@gmail.com>
Date: Mon, 6 Apr 2026 21:06:24 +0200
Subject: [PATCH] dovecot: mark CVE-2026-0394 patched

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-0394

As identified[1] by Debian, the recipe version already contains
the commits that fix this. Due to this mark it as patched.

[1]: https://security-tracker.debian.org/tracker/CVE-2026-0394

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
---
 meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb b/meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb
index 769e693c5a..0f4ceac599 100644
--- a/meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb
+++ b/meta-networking/recipes-support/dovecot/dovecot_2.4.1-4.bb
@@ -88,3 +88,4 @@ FILES:${PN}-dev += "${libdir}/dovecot/libdovecot*.so"
 FILES:${PN}-dbg += "${libdir}/dovecot/*/.debug"
 
 CVE_STATUS[CVE-2016-4983] = "not-applicable-platform: Affects only postinstall script on specific distribution."
+CVE_STATUS[CVE-2026-0394] = "fixed-version: fixed in 2.4.1"