CLSA-2026-1778278274

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1778278274.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1778278274

Upstream

CVE-2025-59032

CVE-2026-27858

Published

2026-05-08T22:11:24Z

Modified

2026-06-01T00:33:14.714590992Z

Summary

dovecot: Fix of 2 CVEs

Details

CVE-2026-27858: managesieve: fix DoS via crafted message before authentication that caused excessive memory allocation
CVE-2025-59032: managesieve: fix crash when AUTHENTICATE command does not finish on the first call (literal SASL initial response)

References

https://errata.tuxcare.com/els_os/centos-stream8els/CLSA-2026-1778278274.html

Affected packages

TuxCare:CentOS-Stream:8

dovecot

Package

Name: dovecot
Purl: pkg:rpm/tuxcare/dovecot?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-5.el8.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1778278274.json"

dovecot-devel

Package

Name: dovecot-devel
Purl: pkg:rpm/tuxcare/dovecot-devel?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-5.el8.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1778278274.json"

dovecot-mysql

Package

Name: dovecot-mysql
Purl: pkg:rpm/tuxcare/dovecot-mysql?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-5.el8.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1778278274.json"

dovecot-pgsql

Package

Name: dovecot-pgsql
Purl: pkg:rpm/tuxcare/dovecot-pgsql?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-5.el8.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1778278274.json"

dovecot-pigeonhole

Package

Name: dovecot-pigeonhole
Purl: pkg:rpm/tuxcare/dovecot-pigeonhole?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-5.el8.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1778278274.json"