ELSA-2026-19364

ULN >
Oracle Linux Errata repository >
ELSA-2026-19364

ELSA-2026-19364 - dovecot security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-06-23

Description

[1:2.3.16-18]
- rebuild

[1:2.3.16-17]
- fix CVE-2026-27858: denial of service via crafted message before authentication (RHEL-161640)
- fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (RHEL-162288)
- fix CVE-2026-27857: denial of service via specially crafted NOOP command (RHEL-161679)

Related CVEs

CVE-2025-59032

CVE-2026-27857

CVE-2026-27858

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	dovecot-2.3.16-18.el9_8.src.rpm	90562bc8a66db5c692d6dcffa4acf1f271691bcc3a05591bbfc71548cc0f84ca	-	ol9_aarch64_appstream
	dovecot-2.3.16-18.el9_8.src.rpm	90562bc8a66db5c692d6dcffa4acf1f271691bcc3a05591bbfc71548cc0f84ca	-	ol9_aarch64_codeready_builder
	dovecot-2.3.16-18.el9_8.aarch64.rpm	1367b22ccefa129d795138398d0354c210b5eefe73118e3c17fb60e578f0ebb4	-	ol9_aarch64_appstream
	dovecot-devel-2.3.16-18.el9_8.aarch64.rpm	1fc4c817f3e4c8e289826dc0f8b59858ed788c0512a9e54679cef6a0c85bd7f9	-	ol9_aarch64_codeready_builder
	dovecot-mysql-2.3.16-18.el9_8.aarch64.rpm	737b2062f3217abf3bc83d87c02420b42f5c75f174c188673b5f62ed1c28ff7d	-	ol9_aarch64_appstream
	dovecot-pgsql-2.3.16-18.el9_8.aarch64.rpm	6156a80b35fc739f68b59bafdc76c41395ad2e1a6a60282b4536d4823ee4c270	-	ol9_aarch64_appstream
	dovecot-pigeonhole-2.3.16-18.el9_8.aarch64.rpm	e7cdd9a669b8b2159c01e106a85afd5005b381ce2b1ed43d45c35ee10612e397	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	dovecot-2.3.16-18.el9_8.src.rpm	90562bc8a66db5c692d6dcffa4acf1f271691bcc3a05591bbfc71548cc0f84ca	-	ol9_x86_64_appstream
	dovecot-2.3.16-18.el9_8.src.rpm	90562bc8a66db5c692d6dcffa4acf1f271691bcc3a05591bbfc71548cc0f84ca	-	ol9_x86_64_codeready_builder
	dovecot-2.3.16-18.el9_8.i686.rpm	a57840e8752daefb346e8ea6203e7577dbb0a72a0296b3c761c40bf28efc6084	-	ol9_x86_64_codeready_builder
	dovecot-2.3.16-18.el9_8.x86_64.rpm	79e97cbc7194bd902256f52178889bd710436f909c5052c41abcf317c9dc46d2	-	ol9_x86_64_appstream
	dovecot-devel-2.3.16-18.el9_8.i686.rpm	dbb29a9c8e38e85e2d8f4571657e1b30e27bb83d62be34269bda6a862a348b35	-	ol9_x86_64_codeready_builder
	dovecot-devel-2.3.16-18.el9_8.x86_64.rpm	67600c053c56ec0cd93392a070bfbaed2bc086a8bddc1573d606d9718086b31c	-	ol9_x86_64_codeready_builder
	dovecot-mysql-2.3.16-18.el9_8.x86_64.rpm	8dd820af0756ca29a2e246a66c7b8b993e62bd23ef462296be4cc0953b27c6ad	-	ol9_x86_64_appstream
	dovecot-pgsql-2.3.16-18.el9_8.x86_64.rpm	61676772a07d0fda46898f659be9bce5a90995aa464615ca93098dc6e4366db1	-	ol9_x86_64_appstream
	dovecot-pigeonhole-2.3.16-18.el9_8.x86_64.rpm	85afbe1f7ba029447e88dbf267b29272af46c5a78157715368e1a5ab1bf9d4d1	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691