ELSA-2026-13830

ULN >
Oracle Linux Errata repository >
ELSA-2026-13830

ELSA-2026-13830 - dovecot security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-05-06

Description

[1:2.3.16-7]
- fix CVE-2026-27858: denial of service via crafted message before authentication (RHEL-161630)
- fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (RHEL-162282)
- fix CVE-2026-27857: denial of service via specially crafted NOOP command (RHEL-161669)

Related CVEs

CVE-2025-59032

CVE-2026-27857

CVE-2026-27858

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	dovecot-2.3.16-7.el8_10.src.rpm	23200b4c4254f28772819edea13e80a0980bd8c605567abf47c691d86c0612f0	-	ol8_aarch64_appstream
	dovecot-2.3.16-7.el8_10.src.rpm	23200b4c4254f28772819edea13e80a0980bd8c605567abf47c691d86c0612f0	-	ol8_aarch64_codeready_builder
	dovecot-2.3.16-7.el8_10.aarch64.rpm	50407fbf052692d26e6cc584d66e4f3b50a9dfad454683399dad538a583d7426	-	ol8_aarch64_appstream
	dovecot-devel-2.3.16-7.el8_10.aarch64.rpm	ba910c65762172bcabcc5cc0d560f93d2b772c363256ef24232703d21231f832	-	ol8_aarch64_codeready_builder
	dovecot-mysql-2.3.16-7.el8_10.aarch64.rpm	3e8886949e1b4c85a24ffd6ec303f83462e4e66a0f9faa1db2c143075983f23e	-	ol8_aarch64_appstream
	dovecot-pgsql-2.3.16-7.el8_10.aarch64.rpm	9866576eb7e6721f06277c6bbad41e259d3ee6d8d69217b63cb368de1b720293	-	ol8_aarch64_appstream
	dovecot-pigeonhole-2.3.16-7.el8_10.aarch64.rpm	0c596db1d8195dcd46fba1e24ab693c7391c102e16b33292434d9c58a1d2b276	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	dovecot-2.3.16-7.el8_10.src.rpm	23200b4c4254f28772819edea13e80a0980bd8c605567abf47c691d86c0612f0	-	ol8_x86_64_appstream
	dovecot-2.3.16-7.el8_10.src.rpm	23200b4c4254f28772819edea13e80a0980bd8c605567abf47c691d86c0612f0	-	ol8_x86_64_codeready_builder
	dovecot-2.3.16-7.el8_10.i686.rpm	67dd6225026b1873991bcb761e44951023fb64732cd28df8442c03fa74b43778	-	ol8_x86_64_codeready_builder
	dovecot-2.3.16-7.el8_10.x86_64.rpm	68fdc6c7bba7a46ebbf3082745eb1ba864672fb492c85f6cc4919d0a8c0757f0	-	ol8_x86_64_appstream
	dovecot-devel-2.3.16-7.el8_10.i686.rpm	dbbcc42553228d6563ba7201727a492c02f67304cac60323d5252b3bc8dbf4c6	-	ol8_x86_64_codeready_builder
	dovecot-devel-2.3.16-7.el8_10.x86_64.rpm	88c390b83021ce29175e74781c723831b2c29aa7da36079984526cc2fe5ba92c	-	ol8_x86_64_codeready_builder
	dovecot-mysql-2.3.16-7.el8_10.x86_64.rpm	935ef57b926433eb525ec930db3aee898657c38cadac54d38e5863feed1e7b7b	-	ol8_x86_64_appstream
	dovecot-pgsql-2.3.16-7.el8_10.x86_64.rpm	00b23924702b3e5754d95de11d4eacee9d21f504dee1ee0f2ad367f7364ed1c6	-	ol8_x86_64_appstream
	dovecot-pigeonhole-2.3.16-7.el8_10.x86_64.rpm	f519abb777e139e0dfdcda0b77c077c585c2943715b942c4ff336ce3e700b184	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691