<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-openembedded.git/meta-networking/recipes-support/dovecot, branch master</title>
<subtitle>Mirror of git.openembedded.org/meta-openembedded</subtitle>
<id>https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=master</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-openembedded.git/atom?h=master'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/'/>
<updated>2026-05-21T04:18:32+00:00</updated>
<entry>
<title>dovecot: upgrade 2.4.3 -&gt; 2.4.4</title>
<updated>2026-05-21T04:18:32+00:00</updated>
<author>
<name>Wang Mingyu</name>
<email>wangmy@fujitsu.com</email>
</author>
<published>2026-05-19T11:38:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=05fe4e2bfc5a1b278e367b355e601c81183eecf2'/>
<id>urn:sha1:05fe4e2bfc5a1b278e367b355e601c81183eecf2</id>
<content type='text'>
Signed-off-by: Wang Mingyu &lt;wangmy@fujitsu.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>dovecot: Fix checksum mismatch</title>
<updated>2026-04-11T00:25:50+00:00</updated>
<author>
<name>Wang Mingyu</name>
<email>wangmy@fujitsu.com</email>
</author>
<published>2026-04-10T10:27:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=da03a64bd7bcd15ebf2930950095de7c8965377c'/>
<id>urn:sha1:da03a64bd7bcd15ebf2930950095de7c8965377c</id>
<content type='text'>
Update the sha256sum to match the current upstream archive.

Signed-off-by: Wang Mingyu &lt;wangmy@fujitsu.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>dovecot: ignore already fixed CVEs</title>
<updated>2026-04-06T16:46:30+00:00</updated>
<author>
<name>Gyorgy Sarvari</name>
<email>skandigraun@gmail.com</email>
</author>
<published>2026-04-06T12:03:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=e99441755f5f0675d42b534728471674fd488d92'/>
<id>urn:sha1:e99441755f5f0675d42b534728471674fd488d92</id>
<content type='text'>
The following CVEs are fixed in the current version already,
however they are tracked without version info.

Upstream has confirmed[1] that these vulnerabilities are fixed,
and Debian has also identified the relevant commits:

CVE-2025-30189: https://security-tracker.debian.org/tracker/CVE-2025-30189
CVE-2026-0394: https://security-tracker.debian.org/tracker/CVE-2026-0394
CVE-2026-24031: https://security-tracker.debian.org/tracker/CVE-2026-24031
CVE-2026-27855: https://security-tracker.debian.org/tracker/CVE-2026-27855
CVE-2026-27860: https://security-tracker.debian.org/tracker/CVE-2026-27860

[1]: https://seclists.org/fulldisclosure/2026/Mar/13

Signed-off-by: Gyorgy Sarvari &lt;skandigraun@gmail.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>dovecot: upgrade 2.4.2 -&gt; 2.4.3</title>
<updated>2026-04-01T20:16:40+00:00</updated>
<author>
<name>Gyorgy Sarvari</name>
<email>skandigraun@gmail.com</email>
</author>
<published>2026-03-31T11:13:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=0c78085b367cd2591a7a4614669db4cfe8374e38'/>
<id>urn:sha1:0c78085b367cd2591a7a4614669db4cfe8374e38</id>
<content type='text'>
Drop patch which is included in this release, and add a patch that
adapts a lua api call to the lua version that is used in OE.

License-Change: the unicode license text has been updated, there should
be no material change. However while examining these changes, I noticed
that some parts of the code are covered by licenses not mentined in the
recipe. It should reflect all licenses now.

Tis version contains fixes fox CVE-2025-59028, CVE-2025-59031, CVE-2026-24031,
CVE-2026-27859, CVE-2026-27860, CVE-2026-27857, CVE-2026-27856 and CVE-2026-27855

Changelog: https://github.com/dovecot/core/blob/main/NEWS

Signed-off-by: Gyorgy Sarvari &lt;skandigraun@gmail.com&gt;
Signed-off-by: Khem Raj &lt;khem.raj@oss.qualcomm.com&gt;
</content>
</entry>
<entry>
<title>dovecot: upgrade 2.4.1-4 -&gt; 2.4.2</title>
<updated>2025-12-23T02:20:58+00:00</updated>
<author>
<name>Gyorgy Sarvari</name>
<email>skandigraun@gmail.com</email>
</author>
<published>2025-12-22T19:18:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=d02f259dd40350a0d10e6390fd60fe944ee34677'/>
<id>urn:sha1:d02f259dd40350a0d10e6390fd60fe944ee34677</id>
<content type='text'>
Contains fix for CVE-2025-30189

Changelog: https://github.com/dovecot/core/releases/tag/2.4.2

Signed-off-by: Gyorgy Sarvari &lt;skandigraun@gmail.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>dovecot: Fix service start error</title>
<updated>2025-10-31T15:55:36+00:00</updated>
<author>
<name>Liu Yiding</name>
<email>liuyd.fnst@fujitsu.com</email>
</author>
<published>2025-10-31T05:37:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=e6c0f055d78726151eb9fee71c17d14e05597acb'/>
<id>urn:sha1:e6c0f055d78726151eb9fee71c17d14e05597acb</id>
<content type='text'>
1.Fix following dovecot.service starting error.
  dovecot[364]: doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 48: cert_file: open(/etc/dovecot/ssl-cert.pem) failed: No such file or directory
  systemd[1]: dovecot.service: Main process exited, code=exited, status=89/n/a
  systemd[1]: dovecot.service: Failed with result 'exit-code'.

2. There is no need to do "touch ${D}/etc/dovecot/dovecot.conf" as it was created by dovecot after dovecot was upgraded to 2.4.1-4.

Signed-off-by: Liu Yiding &lt;liuyd.fnst@fujitsu.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>dovecot: ignore CVE-2016-4983 (again)</title>
<updated>2025-10-14T06:47:40+00:00</updated>
<author>
<name>Gyorgy Sarvari</name>
<email>skandigraun@gmail.com</email>
</author>
<published>2025-10-13T18:47:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=a637a72182b36a4ff30ef62f9834b0ad81027d38'/>
<id>urn:sha1:a637a72182b36a4ff30ef62f9834b0ad81027d38</id>
<content type='text'>
I removed the CVE_STATUS setting for CVE-2016-4983 when this recipe was
updated to 2.4.1-4 - but that was a mistake, the CVE database considers
(incorrectly) even the latest version as vulnerable.

Revert that mistake by adding back the correct CVE_STATUS to the recipe.

Signed-off-by: Gyorgy Sarvari &lt;skandigraun@gmail.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>dovecot: upgrade 2.3.21.1 -&gt; 2.4.1-4</title>
<updated>2025-10-06T21:14:37+00:00</updated>
<author>
<name>Gyorgy Sarvari</name>
<email>skandigraun@gmail.com</email>
</author>
<published>2025-10-06T20:04:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=0c6f60790a0a7f312fa4665998267586bea6a6df'/>
<id>urn:sha1:0c6f60790a0a7f312fa4665998267586bea6a6df</id>
<content type='text'>
Remove obsolete CVE_STATUS variable: CVE-2016-4983 is marked for v2.3.

Drop 0001-not-check-pandoc.patch because it became obsolete, pandoc is
not used anymore.
Drop 1ccd5b54a408d12fce0c94ab0bbaedbb5ef69830.patch, because it is
included in this release.

Add a backported patch to fix compiling with musl.

Changelog:
2.4: https://github.com/dovecot/core/releases/tag/2.4.0
2.4.1: https://github.com/dovecot/core/releases/tag/2.4.1

Signed-off-by: Gyorgy Sarvari &lt;skandigraun@gmail.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>dovecot: Upgrade to 2.3.21.1</title>
<updated>2024-11-23T17:00:14+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2024-11-23T02:10:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=e0c85bdc33b7df06a03607c1df704a402630592e'/>
<id>urn:sha1:e0c85bdc33b7df06a03607c1df704a402630592e</id>
<content type='text'>
Fix build with icu-76.x while here

Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
<entry>
<title>devecot: set dovecot.conf file mode with chmod</title>
<updated>2024-06-28T18:22:06+00:00</updated>
<author>
<name>Yi Zhao</name>
<email>yi.zhao@windriver.com</email>
</author>
<published>2024-06-28T06:06:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-openembedded.git/commit/?id=4b306f382f4cf133308c7eb4b056a755f5bc4c96'/>
<id>urn:sha1:4b306f382f4cf133308c7eb4b056a755f5bc4c96</id>
<content type='text'>
The touch command doesn't support file mode setting. Set it with chmod.

Signed-off-by: Yi Zhao &lt;yi.zhao@windriver.com&gt;
Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
</content>
</entry>
</feed>
