dovecot24-2.4.2-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:16738 Final 1 1 2025-10-29T00:00:00Z current 2025-10-29T00:00:00Z 2025-10-29T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z dovecot24-2.4.2-1.1 on GA media These are all security issues fixed in the dovecot24-2.4.2-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-16738 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2025-30189/ SUSE CVE CVE-2025-30189 page openSUSE Tumbleweed dovecot24-2.4.2-1.1 dovecot24-backend-mysql-2.4.2-1.1 dovecot24-backend-pgsql-2.4.2-1.1 dovecot24-backend-sqlite-2.4.2-1.1 dovecot24-devel-2.4.2-1.1 dovecot24-fts-2.4.2-1.1 dovecot24-fts-flatcurve-2.4.2-1.1 dovecot24-fts-solr-2.4.2-1.1 dovecot24-2.4.2-1.1 as a component of openSUSE Tumbleweed dovecot24-backend-mysql-2.4.2-1.1 as a component of openSUSE Tumbleweed dovecot24-backend-pgsql-2.4.2-1.1 as a component of openSUSE Tumbleweed dovecot24-backend-sqlite-2.4.2-1.1 as a component of openSUSE Tumbleweed dovecot24-devel-2.4.2-1.1 as a component of openSUSE Tumbleweed dovecot24-fts-2.4.2-1.1 as a component of openSUSE Tumbleweed dovecot24-fts-flatcurve-2.4.2-1.1 as a component of openSUSE Tumbleweed dovecot24-fts-solr-2.4.2-1.1 as a component of openSUSE Tumbleweed When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted passdb/userdb drivers. No publicly available exploits are known. CVE-2025-30189 openSUSE Tumbleweed:dovecot24-2.4.2-1.1 openSUSE Tumbleweed:dovecot24-backend-mysql-2.4.2-1.1 openSUSE Tumbleweed:dovecot24-backend-pgsql-2.4.2-1.1 openSUSE Tumbleweed:dovecot24-backend-sqlite-2.4.2-1.1 openSUSE Tumbleweed:dovecot24-devel-2.4.2-1.1 openSUSE Tumbleweed:dovecot24-fts-2.4.2-1.1 openSUSE Tumbleweed:dovecot24-fts-flatcurve-2.4.2-1.1 openSUSE Tumbleweed:dovecot24-fts-solr-2.4.2-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-30189.html CVE-2025-30189 https://bugzilla.suse.com/1252839 SUSE Bug 1252839