Stay Connected:

ELSA-2026-13498

ELSA-2026-13498 - dovecot security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-05-05

Description


[1:2.3.21-16.1]
- fix CVE-2026-27858: denial of service via crafted message before authentication (RHEL-161625)
- fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (RHEL-162273)
- fix CVE-2026-27857: denial of service via specially crafted NOOP command (RHEL-161664)


Related CVEs


CVE-2025-59032
CVE-2026-27857
CVE-2026-27858

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 10 (aarch64) dovecot-2.3.21-16.el10_1.1.src.rpm9a4684c5bd33c6d1e84bb6f553f20e9c9b645634ab9c13a48bcbd1c298507cbf-ol10_aarch64_appstream
dovecot-2.3.21-16.el10_1.1.src.rpm9a4684c5bd33c6d1e84bb6f553f20e9c9b645634ab9c13a48bcbd1c298507cbf-ol10_aarch64_codeready_builder
dovecot-2.3.21-16.el10_1.1.aarch64.rpmbf5a5276cc66d472dd645e66b55acb480bcda80d26be2164a29a0ab6fb1df1a7-ol10_aarch64_appstream
dovecot-devel-2.3.21-16.el10_1.1.aarch64.rpmec7bf1439d9c8ba78eb324e5a760d8172a9630ec76642a9e7b494702ba4115f8-ol10_aarch64_codeready_builder
dovecot-mysql-2.3.21-16.el10_1.1.aarch64.rpm60acbdf19e41a35e52fab556c755e2e3e20e46fadaff71783f3f7c63d8e36c8b-ol10_aarch64_appstream
dovecot-pgsql-2.3.21-16.el10_1.1.aarch64.rpmeae60ba21473b23b60b8e4fcb107b184829118271fb357d2ecd05fdc9e46d9a5-ol10_aarch64_appstream
dovecot-pigeonhole-2.3.21-16.el10_1.1.aarch64.rpm42536da229e31c568e47c3f85a2442584e1c6575a2261984d767b4f8dda3ece6-ol10_aarch64_appstream
Oracle Linux 10 (x86_64) dovecot-2.3.21-16.el10_1.1.src.rpm9a4684c5bd33c6d1e84bb6f553f20e9c9b645634ab9c13a48bcbd1c298507cbf-ol10_x86_64_appstream
dovecot-2.3.21-16.el10_1.1.src.rpm9a4684c5bd33c6d1e84bb6f553f20e9c9b645634ab9c13a48bcbd1c298507cbf-ol10_x86_64_codeready_builder
dovecot-2.3.21-16.el10_1.1.x86_64.rpmc484ea8f0e8c249abccaeafb4dcd1a0ee4daeaadc4d73820fb3061885a4fde45-ol10_x86_64_appstream
dovecot-devel-2.3.21-16.el10_1.1.x86_64.rpm5bef32507c1c8372bdc56d1d7ebee778e95e9e68a34cc4eb4ce5b9edf41c3891-ol10_x86_64_codeready_builder
dovecot-mysql-2.3.21-16.el10_1.1.x86_64.rpm5002dfd16eab23a9c68857cf10e1bfdad125058586bbd7c31626cafaa2ef5eb6-ol10_x86_64_appstream
dovecot-pgsql-2.3.21-16.el10_1.1.x86_64.rpm0f2de7c009e8979054f37a59eaeb1bd88afff98b1879adb43a16e4de18152e19-ol10_x86_64_appstream
dovecot-pigeonhole-2.3.21-16.el10_1.1.x86_64.rpm367b944bd0a1c54cb5f47eea50f960be56d14c3a6e5a1891e2355fb3e0cbaa32-ol10_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights