|Type||Denial of service|
If the auth-policy component has been activated in Dovecot, then a remote user is able to use SASL authentication to crash the auth component. Workaround is to disable auth-policy component until a fix is in place. This can be done by commenting out all auth_policy_* settings.
marked as <=2.27 is vulnerable: https://access.redhat.com/security/cve/CVE-2016-8652