[ALSA-2026:19149] Important: dovecot security update
Type:
security
Severity:
important
Release date:
2026-05-26
Description:
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): * dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (CVE-2025-59032) * dovecot: denial of service via crafted message before authentication (CVE-2026-27858) * dovecot: denial of service via specially crafted NOOP command (CVE-2026-27857) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 dovecot-pgsql-2.3.21-19.el10_2.aarch64.rpm 21e68865ac13af9dc8a413cc68a52aa9fd391202f342a076925efe1af2c14d46
aarch64 dovecot-pigeonhole-2.3.21-19.el10_2.aarch64.rpm 497cdb974c42021e175fe0a860b684b82f43c151e7577afcb786102b72837241
aarch64 dovecot-2.3.21-19.el10_2.aarch64.rpm 81502aeb657b25edcb2bc6983c889c6d786d98a592b9df521c84e3671470d90a
aarch64 dovecot-mysql-2.3.21-19.el10_2.aarch64.rpm 872075cf671f1ea8dc0415d4d10847ae20eb1574255374344c9200520a603829
aarch64 dovecot-devel-2.3.21-19.el10_2.aarch64.rpm ff5fa545b3a3e886fd1567dad6f7f4b7076613d73e612a430225fcf17f5a534c
ppc64le dovecot-2.3.21-19.el10_2.ppc64le.rpm 86dec3d3284dff48f9f9d5b48b2cda02af2ff1f95de8d0246efd2a6d80fed6d7
ppc64le dovecot-devel-2.3.21-19.el10_2.ppc64le.rpm b1e8b8c74b69b8ddb2b6e3d2afbaca97ae5290a5a2716e1b490f96a4d2ebe867
ppc64le dovecot-mysql-2.3.21-19.el10_2.ppc64le.rpm b22b330e25271dbcafba4f65ac51b25380d550152a8e4307a50e686d949caaf4
ppc64le dovecot-pigeonhole-2.3.21-19.el10_2.ppc64le.rpm cabf9e5bf440b5d41041ee7429452592d1e2fe99968ea94097112ca4240188b1
ppc64le dovecot-pgsql-2.3.21-19.el10_2.ppc64le.rpm cd1837deca4627a473cacf4640f9864f076ea3543615e9efb249dca8648b9972
s390x dovecot-pgsql-2.3.21-19.el10_2.s390x.rpm 121d20b4d3b83dbf751b740bf49abac9f255cae28c197676ef426442d1041f6c
s390x dovecot-pigeonhole-2.3.21-19.el10_2.s390x.rpm 1647928d1a366e1089cf78274c3e5b31a3ab3065eb74023bd5869d3161e1643f
s390x dovecot-2.3.21-19.el10_2.s390x.rpm 3cbd2c661b6354aa8bc69e904a605b38214b925b6c2704eec09520c99f02f3df
s390x dovecot-mysql-2.3.21-19.el10_2.s390x.rpm 41e24d206170f151984014a607da6c4361dfe3eddf27d01141273b1b9c87aba5
s390x dovecot-devel-2.3.21-19.el10_2.s390x.rpm d32189b52af12d0a1881f8b4ebe04dc9210487c93342e63a5630c96f86d29456
x86_64 dovecot-devel-2.3.21-19.el10_2.x86_64.rpm 57395fcf03046dbd4ab349af66d2d301c894dd5a29e0b322087213fe25c5f5d1
x86_64 dovecot-mysql-2.3.21-19.el10_2.x86_64.rpm 9cc4f475bec6141a8019b2677d0f56e29f67daace9d24190de3b05d3c841fa92
x86_64 dovecot-pigeonhole-2.3.21-19.el10_2.x86_64.rpm a5e4de560b44dfce218ba307862f96ae70f46cea4bb46e8f3f0cfdc5577a7e45
x86_64 dovecot-2.3.21-19.el10_2.x86_64.rpm d124991608546945f628b861555da467f0a2aa9b090a9082b76f1b542b7eb487
x86_64 dovecot-pgsql-2.3.21-19.el10_2.x86_64.rpm deec3c7c1cbcfcc3992e5f4615f18e78d43a31bb729c8241ea9d8b444b9479ab
x86_64_v2 dovecot-pigeonhole-2.3.21-19.el10_2.x86_64_v2.rpm 0a5e14d6751fcdd9c7a1c920d8ec232d5dd3fe2851a7d916f558d9a91e41eede
x86_64_v2 dovecot-mysql-2.3.21-19.el10_2.x86_64_v2.rpm 6a912f985dfdd03fe7d5b6a1f7680b7a3a9d06aada4cab6d2d26362e992270a6
x86_64_v2 dovecot-devel-2.3.21-19.el10_2.x86_64_v2.rpm 73ffb7b346dcf3e988acdaedd5c24d72433c19613925272faecbb866dbd8bba7
x86_64_v2 dovecot-2.3.21-19.el10_2.x86_64_v2.rpm 7e54619b20d6af85681ae3204ac245fcce7ed87f9388325939d7dd0bfd57fd84
x86_64_v2 dovecot-pgsql-2.3.21-19.el10_2.x86_64_v2.rpm 8c8614e66f4962e66255fbbdc55a710f5b4f99ed22c420eb44c8a1e0b5226636
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.