[Git][security-tracker-team/security-tracker][master] dovecot CVEfied

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9bd20661 by Moritz Muehlenhoff at 2025-10-06T15:32:16+02:00
dovecot CVEfied

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4832,9 +4832,8 @@ CVE-2025-39868 (In the Linux kernel, the following vulnerability has been resolv
 	NOTE: https://git.kernel.org/linus/181993bb0d626cf88cc803f4356ce5c5abe86278 (6.17-rc6)
 CVE-2025-39867
 	REJECTED
-CVE-2025-XXXX [auth: Use AUTH_CACHE_KEY_USER instead of per-database constants]
+CVE-2025-30189 [auth: Use AUTH_CACHE_KEY_USER instead of per-database constants]
 	- dovecot 1:2.4.1+dfsg1-7 (bug #1115474)
-	[trixie] - dovecot 1:2.4.1+dfsg1-6+deb13u1
 	[bookworm] - dovecot <not-affected> (Vulnerable code introduced later)
 	[bullseye] - dovecot <not-affected> (Vulnerable code introduced later)
 	NOTE: Introduced by: https://github.com/dovecot/core/commit/2e298e7ee98b6df61cf85117f000290d60a473b8 (2.4.1)


=====================================
data/DSA/list
=====================================
@@ -1,4 +1,5 @@
 [05 Oct 2025] DSA-6019-1 dovecot - security update
+	{CVE-2025-30189}
 	[trixie] - dovecot 1:2.4.1+dfsg1-6+deb13u1
 [03 Oct 2025] DSA-6018-1 gegl - security update
 	{CVE-2025-10921}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bd2066192879258ef9fc57975cad4b64cc97757

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bd2066192879258ef9fc57975cad4b64cc97757
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251006/91c2cc6a/attachment.htm>