Release date:
2026-05-08 06:10:35 UTC
Description:
- CVE-2026-27855: fix OTP authentication replay attack via auth cache
- CVE-2026-27856: fix doveadm credential timing oracle
- CVE-2026-27857: fix excessive memory usage from deeply nested IMAP command lists (pre-auth ID command)
Updated packages:
-
dovecot-2.3.16-15.el9.tuxcare.els1.i686.rpm
sha:f3fc02bf4df6be9c36d9a215ee3b26d654bda033f6c702e791afebc0949d062e
-
dovecot-2.3.16-15.el9.tuxcare.els1.x86_64.rpm
sha:a12bf1cd74f7d6ef3ffbc92449c7807a07a57ea4e44164b21256b8c5e682857f
-
dovecot-devel-2.3.16-15.el9.tuxcare.els1.i686.rpm
sha:4ec74eb1b8bbc3d043e46d00f9506d3f79e1f06d887348acd053c18dc3bfc0b4
-
dovecot-devel-2.3.16-15.el9.tuxcare.els1.x86_64.rpm
sha:fa282b238bad68f85a1296ce532fb209f50a49d73b4d0cb9e10bb78b565cf860
-
dovecot-mysql-2.3.16-15.el9.tuxcare.els1.x86_64.rpm
sha:e08518b7cdb63bec83e3786b4343a50abb833d0c36a661226aed603eaddb5b38
-
dovecot-pgsql-2.3.16-15.el9.tuxcare.els1.x86_64.rpm
sha:59a9f04935f7a682bb95e9ff936ad8dfb81436fb5b1ae90361359fe4b3e2d3a6
-
dovecot-pigeonhole-2.3.16-15.el9.tuxcare.els1.x86_64.rpm
sha:4214ac1a86272817f503f9e6946b203fc2e84a343f5b1ab21740c1e654ee4bdb
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
