Debian released advisory DSA-6197-2 concerning a regression within the dovecot package. While attempting to backport a fix for CVE-2025-59032, developers accidentally introduced errors that disrupt authentication against managesieved servers in Bookworm. System administrators are urged to upgrade their installations specifically to version 1:2.3.19.1+dfsg1-2.1+deb12u3 which contains the necessary correction.

[DSA 6197-2] dovecot regression update

[SECURITY] [DSA 6197-2] dovecot regression update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6197-2 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
April 06, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : dovecot

The Bookworm backport of the security fix for CVE-2025-59032 introduced
a regression in authenticating against managesieved.

For the oldstable distribution (bookworm), this problem has been fixed
in version 1:2.3.19.1+dfsg1-2.1+deb12u3.

We recommend that you upgrade your dovecot packages.

For the detailed security status of dovecot please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/dovecot

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/