[CLSA-2026:1777978787] dovecot: Fix of CVE-2026-27857
Type:
security
Severity:
Important
Release date:
2026-05-05 10:59:54 UTC
Description:
- CVE-2026-27857: limit the number of open IMAP parser lists in imap-login to prevent excessive memory usage from deeply nested parentheses (e.g. NOOP (((...))))
Updated packages:
  • dovecot-2.3.8-9.el8.tuxcare.els3.i686.rpm
    sha:b40e13f67e02f9ece6bf82e6502d4cbc096435338169369bee60806722f45fe4
  • dovecot-2.3.8-9.el8.tuxcare.els3.x86_64.rpm
    sha:665e4538d7f4a230776b295b072b2b928cae5beac08e59d6090d32fe280065c1
  • dovecot-devel-2.3.8-9.el8.tuxcare.els3.i686.rpm
    sha:10311c044f9fb6348496f3fde1f0d2d8745a23d0b1cc418d6f4ca527791a7644
  • dovecot-devel-2.3.8-9.el8.tuxcare.els3.x86_64.rpm
    sha:a26dbf3daf05918b6a584b1c89e6253ff007e27a4382705f46d147717039d687
  • dovecot-mysql-2.3.8-9.el8.tuxcare.els3.x86_64.rpm
    sha:1ad3a869397821b04d40beeab3752e66d720169c07f4bcfdd0f1cb3640c8a1ce
  • dovecot-pgsql-2.3.8-9.el8.tuxcare.els3.x86_64.rpm
    sha:5a4508da20b4dedb52049708e9d04057fc811396eb7ec16b492f44e4dadf0ee6
  • dovecot-pigeonhole-2.3.8-9.el8.tuxcare.els3.x86_64.rpm
    sha:e76655b76da0d1a963b2969ef217ead6b992a022c0252c9c615a46de0d1e9df8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.