Red Hat Product Errata RHSA-2026:17625 - Security Advisory Issued: 2026-05-14 Updated: 2026-05-14 RHSA-2026:17625 - Security Advisory Overview Updated Packages Synopsis Important: dovecot security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for dovecot is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix(es): dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (CVE-2025-59032) dovecot: denial of service via crafted message before authentication (CVE-2026-27858) dovecot: denial of service via specially crafted NOOP command (CVE-2026-27857) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x Fixes BZ - 2452172 - CVE-2025-59032 dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command BZ - 2452175 - CVE-2026-27858 dovecot: denial of service via crafted message before authentication BZ - 2452179 - CVE-2026-27857 dovecot: denial of service via specially crafted NOOP command CVEs CVE-2025-59032 CVE-2026-27857 CVE-2026-27858 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 SRPM dovecot-2.3.16-11.el9_4.2.src.rpm SHA-256: ffa628abd1bff2b9b5c4d3e5013789d5e679b37bdc86f78c62576024b554c0a9 x86_64 dovecot-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: ddbeec8013ac0590261094f34369255ef2875590dd00fecbd9ac45092c66cd62 dovecot-debuginfo-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: a1ee1fe1f2b6b16fc1febfdef6b566e50b19f04d29bd32040de2a2ce9c4d85be dovecot-debugsource-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: b7cddc9f5f6added7a3f8fe53aa189613f00c122006fcc2fc37510db44380a14 dovecot-mysql-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 95db0aee3190fdc5be635b0a1ca1879c9d12cd4df41a53aea26db73e583f673a dovecot-mysql-debuginfo-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 6ca0a647a8faaadc0223e803c13dcae8a8b98f0c95d868fa8709739bddebd494 dovecot-pgsql-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 5bef766e23c24b541a2c8663a3e1afdf15c09a65bb034f9283a476bba9e1cd42 dovecot-pgsql-debuginfo-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 361ce5cca17e01ae259674c42b0ff49119b9803d7423009e6e6ea9b8c059ccad dovecot-pigeonhole-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 80fd8e6122ac5ee83ec69218bf40795a9386dec7f061bd501a0991c890857573 dovecot-pigeonhole-debuginfo-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 56c60bc213d3e72d08b4d4246d882f532101fbb882c1d9b7a06e97011f6d0bc2 Red Hat Enterprise Linux Server - AUS 9.4 SRPM dovecot-2.3.16-11.el9_4.2.src.rpm SHA-256: ffa628abd1bff2b9b5c4d3e5013789d5e679b37bdc86f78c62576024b554c0a9 x86_64 dovecot-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: ddbeec8013ac0590261094f34369255ef2875590dd00fecbd9ac45092c66cd62 dovecot-debuginfo-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: a1ee1fe1f2b6b16fc1febfdef6b566e50b19f04d29bd32040de2a2ce9c4d85be dovecot-debugsource-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: b7cddc9f5f6added7a3f8fe53aa189613f00c122006fcc2fc37510db44380a14 dovecot-mysql-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 95db0aee3190fdc5be635b0a1ca1879c9d12cd4df41a53aea26db73e583f673a dovecot-mysql-debuginfo-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 6ca0a647a8faaadc0223e803c13dcae8a8b98f0c95d868fa8709739bddebd494 dovecot-pgsql-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 5bef766e23c24b541a2c8663a3e1afdf15c09a65bb034f9283a476bba9e1cd42 dovecot-pgsql-debuginfo-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 361ce5cca17e01ae259674c42b0ff49119b9803d7423009e6e6ea9b8c059ccad dovecot-pigeonhole-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 80fd8e6122ac5ee83ec69218bf40795a9386dec7f061bd501a0991c890857573 dovecot-pigeonhole-debuginfo-2.3.16-11.el9_4.2.x86_64.rpm SHA-256: 56c60bc213d3e72d08b4d4246d882f532101fbb882c1d9b7a06e97011f6d0bc2 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 SRPM dovecot-2.3.16-11.el9_4.2.src.rpm SHA-256: ffa628abd1bff2b9b5c4d3e5013789d5e679b37bdc86f78c62576024b554c0a9 s390x dovecot-2.3.16-11.el9_4.2.s390x.rpm SHA-256: 30dd228276f8bc61eca9e2414e04b58283251024d83b01f06800737bbb56befd dovecot-debuginfo-2.3.16-11.el9_4.2.s390x.rpm SHA-256: 4cf38addb7bfccda494dd0cb74aa17c96d13d262301ee6dfd134e1e29adf1dff dovecot-debugsource-2.3.16-11.el9_4.2.s390x.rpm SHA-256: 61b40f05792ee2882146c00df7842c109a6cbed6a0f0f0f71acdf437578cdec9 dovecot-mysql-2.3.16-11.el9_4.2.s390x.rpm SHA-256: 33ed080b88888b2dcc14b9eb41d0372f017639e71d25b899f2cde0115ab640ee dovecot-mysql-debuginfo-2.3.16-11.el9_4.2.s390x.rpm SHA-256: 39fd7cd5bf9ecd77f2b09bbe1b7b93240976f1597ff00dea24edf6806cf69b72 dovecot-pgsql-2.3.16-11.el9_4.2.s390x.rpm SHA-256: d18d228b2654471f0aed16d6127895b8e43a1d87e4fd10e8a39e102760e98c7f dovecot-pgsql-debuginfo-2.3.16-11.el9_4.2.s390x.rpm SHA-256: b7b17f51862da3280e4019e1dd296b1b53dbe3d1600e1adda2231159fb411518 dovecot-pigeonhole-2.3.16-11.el9_4.2.s390x.rpm SHA-256: be98130258acdc9398471c04afb4fe0f06eae80c93892ef3c9be777c43208644 dovecot-pigeonhole-debuginfo-2.3.16-11.el9_4.2.s390x.rpm SHA-256: 62fc23aea8ed39cdfbfb61d7ba75cc6f47fbe097fc956ae3119fed17e0a99a6c Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 SRPM dovecot-2.3.16-11.el9_4.2.src.rpm SHA-256: ffa628abd1bff2b9b5c4d3e5013789d5e679b37bdc86f78c62576024b554c0a9 ppc64le dovecot-2.3.16-11.el9_4.2.ppc64le.rpm SHA-256: dd8427afc11780dacb7efa8a37e8477238d7d46b7e3976cbe0fa25dd4e6fd1e8 dovecot-debuginfo-2.3.16-11.el9_4.2.ppc64le.rpm SHA-256: dac65dd5fe08eba931b5f9ee31115487485aa5d7bf8b5c0dcab4df731255273e dovecot-debugsource-2.3.16-11.el9_4.2.ppc64le.rpm SHA-256: 67f47ef4667b1fef029cd5b856c43ddaf6c9d73c5a441a973131aaca3f5576c7 dovecot-mysql-2.3.16-11.el9_4.2.ppc64le.rpm SHA-256: acbde11d42d9af10abfee2078633b296d6d5d4a6191aac0f67725f7fdcaeef69 dovecot-mysql-debuginfo-2.3.16-11.el9_4.2.ppc64le.rpm SHA-256: 8e557c0994e0cccd73a850112daa51861b10d6e26ce4ae720fb6011c7b03862d dovecot-pgsql-2.3.16-11.el9_4.2.ppc64le.rpm SHA-256: abefc2fefd88b5b56efbefe4c192649ed2bb604b9e972d97e5bf18bc38ddcc1c dovecot-pgsql-debuginfo-2.3.16-11.el9_4.2.ppc64le.rpm SHA-256: 1a2554d970f7b6b2235721f5aefcde31fd0ad6f985faf720e5742270d81a7cf5 dovecot-pigeonhole-2.3.16-11.el9_4.2.ppc64le.rpm SHA-256: 0a369f45d4e8795a0543e7bc19694b33748c9cee31f438fe5aea565f563c13c7 dovecot-pigeonhole-debuginfo-2.3.16-11.el9_4.2.ppc64le.rpm SHA-256: 6cdb7504cdde0966f6fee7a946b1d32f5b0e83475a592912245ca568a0a13fa5 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 SRPM dovecot-2.3.16-11.el9_4.2.src.rpm SHA-256: ffa628abd1bff2b9b5c4d3e5013789d5e679b37bdc86f78c62576024b554c0a9 aarch64 dovecot-2.3.16-11.el9_4.2.aarch64.rpm SHA-256: f9d2482785152f099faa37a1e2198efe22536ee2857ffcd591014e71af990436 dovecot-debuginfo-2.3.16-11.el9_4.2.aarch64.rpm SHA-256: 6986d85e989a03e8dbbba25f77679e79f3283d13ef623b4b5143c1b30e93b8c0 dovecot-debugsource-2.3.16-11.el9_4.2.aarch64.rpm SHA-256: f5d73ade9c04a1920384b3149df2b9ca838631514beccbfd74ecb44337f01eaf dovecot-mysql-2.3.16-11.el9_4.2.aarch64.rpm SHA-256: bf24df4a5b8b141a1b7939dbafb82aaf3ee8af8e25a7e6b3188b0cb2ebadbf28 dovecot-mysql-debuginfo-2.3.16-11.el9_4.2.aarch64.rpm SHA-256: c777d9bdc2d12c1af139183ad5bbc643d541190c3cdd56ab0727c0b6f9cd1cbf dovecot-pgsql-2.3.16-11.el9_4.2.aarch64.rpm SHA-256: c827a462c704e86b79d4529ed40db3b57ecccc1b4f5ed1a114e6f07beb678c43 dovecot-pgsql-debuginfo-2.3.16-11.el9_4.2.aarch64.rpm SHA-256: 833eedee8f51417aa6c31abe5e1753a8056c37ec473a48b39fe52b61ecb46d25 dovecot-pigeonhole-2.3.16-11.el9_4.2.aarch64.rpm SHA-256: 3373e4c0d30b01036722f473b793d3cac2c187f584fbe94b76c46f8a62a5685a dovecot-pigeonhole-debuginfo-2.3.16-11.el9_4.2.aarch64.rpm SHA-256: d36be4006f0ca0cef1a7502602578347f486c67d39ea569caf5398761513a24e Red Hat