[Git][security-tracker-team/security-tracker][master] Reserve DSA number for dovecot update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Oct 5 13:06:46 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e4a13daf by Salvatore Bonaccorso at 2025-10-05T14:05:37+02:00
Reserve DSA number for dovecot update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -4677,6 +4677,7 @@ CVE-2025-39867
 	REJECTED
 CVE-2025-XXXX [auth: Use AUTH_CACHE_KEY_USER instead of per-database constants]
 	- dovecot 1:2.4.1+dfsg1-7 (bug #1115474)
+	[trixie] - dovecot 1:2.4.1+dfsg1-6+deb13u1
 	[bookworm] - dovecot <not-affected> (Vulnerable code introduced later)
 	[bullseye] - dovecot <not-affected> (Vulnerable code introduced later)
 	NOTE: Introduced by: https://github.com/dovecot/core/commit/2e298e7ee98b6df61cf85117f000290d60a473b8 (2.4.1)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,5 @@
+[05 Oct 2025] DSA-6019-1 dovecot - security update
+	[trixie] - dovecot 1:2.4.1+dfsg1-6+deb13u1
 [03 Oct 2025] DSA-6018-1 gegl - security update
 	{CVE-2025-10921}
 	[bookworm] - gegl 1:0.4.42-2+deb12u1


=====================================
data/dsa-needed.txt
=====================================
@@ -20,8 +20,6 @@ ark/oldstable (jmm)
 cpp-httplib
   Maintainer preparing updates, waiting for feedback on bookworm status
 --
-dovecot (carnil)
---
 frr/oldstable
   coordination with the maintainer ongoing, Daniel Baumann proposing an update
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4a13daf27e1182646374dab9326e203d63cde81

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4a13daf27e1182646374dab9326e203d63cde81
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251005/494038e7/attachment.htm>

More information about the debian-security-tracker-commits mailing list