CLSA-2026-1778614755

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1778614755.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1778614755

Upstream

CVE-2025-59032

CVE-2026-27858

Published

2026-05-12T19:39:20Z

Modified

2026-06-01T00:32:52.226963669Z

Summary

dovecot: Fix of 2 CVEs

Details

CVE-2026-27858: managesieve: fix DoS via crafted message before authentication that caused excessive memory allocation
CVE-2025-59032: managesieve: fix crash when AUTHENTICATE command does not finish on the first call (literal SASL initial response)

References

https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1778614755.html

Affected packages

TuxCare:AlmaLinux:9.6

dovecot

Package

Name: dovecot
Purl: pkg:rpm/tuxcare/dovecot?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-15.el9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1778614755.json"

dovecot-devel

Package

Name: dovecot-devel
Purl: pkg:rpm/tuxcare/dovecot-devel?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-15.el9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1778614755.json"

dovecot-mysql

Package

Name: dovecot-mysql
Purl: pkg:rpm/tuxcare/dovecot-mysql?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-15.el9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1778614755.json"

dovecot-pgsql

Package

Name: dovecot-pgsql
Purl: pkg:rpm/tuxcare/dovecot-pgsql?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-15.el9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1778614755.json"

dovecot-pigeonhole

Package

Name: dovecot-pigeonhole
Purl: pkg:rpm/tuxcare/dovecot-pigeonhole?distro=almalinux-9.6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:2.3.16-15.el9.tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1778614755.json"