-
Mon May 11 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-18
- rebuild
-
Mon May 04 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-17
- fix CVE-2026-27858: denial of service via crafted message before authentication (RHEL-161640)
- fix CVE-2025-59032: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command (RHEL-162288)
- fix CVE-2026-27857: denial of service via specially crafted NOOP command (RHEL-161679)
-
Mon Jan 12 2026 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-16
- add /var/lib/dovecot to tmpfiles for image mode (RHEL-139098)
- fix building with latest openssl (RHEL-140619)
-
Wed Feb 05 2025 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-15
- fix sysusers config file name (RHEL-77322)
-
Tue Aug 20 2024 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-14
- fix CVE-2024-23184: using a large number of address headers may trigger a denial of service (RHEL-55212)
- fix CVE-2024-23185: very large headers can cause resource exhaustion when parsing message (RHEL-55224)
-
Mon Aug 05 2024 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-13
- rebuild with updated tests
-
Mon Aug 05 2024 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-12
- fix crash when user has sieve script that includes two missing scripts (RHEL-37160)