CLSA-2026-1778255734

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778255734.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1778255734

Upstream

CVE-2025-59032

CVE-2026-27858

Published

2026-05-08T21:08:31Z

Modified

2026-06-01T00:32:29.856411895Z

Summary

dovecot: Fix of 2 CVEs

Details

CVE-2026-27858: bound managesieve-login AUTHENTICATE initial response size to prevent memory exhaustion DoS before authentication
CVE-2025-59032: fix managesieve-login crash when AUTHENTICATE command did not finish on the first call due to literal SASL initial response

References

https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2026-1778255734.html

Affected packages

TuxCare:AlmaLinux:9.2

dovecot

Package

Name: dovecot
Purl: pkg:rpm/tuxcare/dovecot?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-8.el9.tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778255734.json"

dovecot-devel

Package

Name: dovecot-devel
Purl: pkg:rpm/tuxcare/dovecot-devel?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-8.el9.tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778255734.json"

dovecot-mysql

Package

Name: dovecot-mysql
Purl: pkg:rpm/tuxcare/dovecot-mysql?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-8.el9.tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778255734.json"

dovecot-pgsql

Package

Name: dovecot-pgsql
Purl: pkg:rpm/tuxcare/dovecot-pgsql?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-8.el9.tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778255734.json"

dovecot-pigeonhole

Package

Name: dovecot-pigeonhole
Purl: pkg:rpm/tuxcare/dovecot-pigeonhole?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-8.el9.tuxcare.els4

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778255734.json"