dovecot-2.3.16-18.el9_8
エラータID: AXSA:2026-1023:04
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages.
Security Fix(es):
* dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (CVE-2025-59032)
* dovecot: denial of service via crafted message before authentication (CVE-2026-27858)
* dovecot: denial of service via specially crafted NOOP command (CVE-2026-27857)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-59032
ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it's not needed. Alternatively upgrade to a fixed version. No publicly available exploits are known.
CVE-2026-27857
Sending "NOOP (((...)))" command with 4000 parenthesis open+close results in ~1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possibly from even a single IP and create 1000 connections to allocate 1 GB of memory, which would likely result in reaching VSZ limit and killing the process and its other proxied connections. Attacker could connect possibly from even a single IP and create 1000 connections to allocate 1 GB of memory, which would likely result in reaching VSZ limit and killing the process and its other proxied connections. Install fixed version, there is no other remediation. No publicly available exploits are known.
CVE-2026-27858
Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No publicly available exploits are known.
Update packages.
ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it's not needed. Alternatively upgrade to a fixed version. No publicly available exploits are known.
Sending "NOOP (((...)))" command with 4000 parenthesis open+close results in ~1MB extra memory usage. Longer commands will result in client disconnection. This 1 MB can be left allocated for longer time periods by not sending the command ending LF. So attacker could connect possibly from even a single IP and create 1000 connections to allocate 1 GB of memory, which would likely result in reaching VSZ limit and killing the process and its other proxied connections. Attacker could connect possibly from even a single IP and create 1000 connections to allocate 1 GB of memory, which would likely result in reaching VSZ limit and killing the process and its other proxied connections. Install fixed version, there is no other remediation. No publicly available exploits are known.
Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No publicly available exploits are known.
N/A
SRPMS
- dovecot-2.3.16-18.el9_8.src.rpm
MD5: 5102edcf5f4de01cb541faac463b0087
SHA-256: b4590434be9ea1cda0777d3e7b578ae5fdfa74bf323847a89ff1b2765ac361ed
Size: 9.16 MB
Asianux Server 9 for x86_64
- dovecot-2.3.16-18.el9_8.i686.rpm
MD5: 270e1a762f52919720a5e7708e8673dd
SHA-256: 112fbba249cace1706029e342b42569e5df0a7c62e17cd4e9864da575544f68c
Size: 5.18 MB - dovecot-2.3.16-18.el9_8.x86_64.rpm
MD5: 3b116bdb6b714142043c991164e45a60
SHA-256: 3181239966633ed6862e8dfce15681182ee1a762843a0762d1286c0ce36be70e
Size: 4.83 MB - dovecot-devel-2.3.16-18.el9_8.i686.rpm
MD5: 49da9129706facd541718ca3a44b0079
SHA-256: f1e8282aa7ca3aaad70ec9ba6f50c74f634399f8e03551dcfef83a1c620a97e0
Size: 596.05 kB - dovecot-devel-2.3.16-18.el9_8.x86_64.rpm
MD5: 46d48dd260bfd32d308e185baba84a98
SHA-256: 34a6e38474dba8040cdd061288dddfe0b66073e0fb507865c064b72b0787bcde
Size: 596.08 kB - dovecot-mysql-2.3.16-18.el9_8.x86_64.rpm
MD5: cbaedb407b760e039d8bc4036b4f79b9
SHA-256: 49aa18ab07b1d46b5e83e0c735f85e1f7df4832f944f5637974009c332e6cb85
Size: 18.51 kB - dovecot-pgsql-2.3.16-18.el9_8.x86_64.rpm
MD5: 55fb9c62350f97fe2552044a552f515a
SHA-256: 136bd2ecad7efae1c75bc0c64be3642a9f625a961f5989a7459ac0c2aa66d898
Size: 22.44 kB - dovecot-pigeonhole-2.3.16-18.el9_8.x86_64.rpm
MD5: 4d150e7976355c54d6c82e3efa432a15
SHA-256: ed9c0f548a8c66f6468362b47aecc7dbeff1f36ac89de13652708a9d2bcfa53b
Size: 383.35 kB