A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.
[
{
"product": "dovecot22",
"vendor": "Fedora",
"versions": [
{
"status": "affected",
"version": "dovecot22-2.2.25-3.1"
}
]
},
{
"product": "dovecot22",
"vendor": "Fedora",
"versions": [
{
"status": "affected",
"version": "dovecot22-2.2.18-9.1"
}
]
},
{
"product": "dovecot22",
"vendor": "Fedora",
"versions": [
{
"status": "affected",
"version": "dovecot22-2.2.13-3.7.1"
}
]
}
]