Skip to content

mailcow-dockerized

v2026-05c Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 8d Communication & Email
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

acme clamav docker dovecot groupware imap
+9 more
mail mailcow mailserver olefy postfix rspamd servercow smtp sogo

ReleasePort's take

Moderate signal
editorial:auto 8d

The release patches the unbound CVE-2026-33278 vulnerability in mailcow‑dockerized.

Why it matters: CVE‑2026‑33278 has a severity score of 90; applying this update mitigates high‑impact risk for all mailcow‑dockerized deployments.

Summary

AI summary

Fixes unbound CVE-2026-33278.

Changes in this release

Security Critical

Fixes unbound CVE-2026-33278 vulnerability

Fixes unbound CVE-2026-33278 vulnerability

Source: llm_adapter@2026-05-26

Confidence: high
Dependency Low

Updates Nginx to version 1.30.2

Updates Nginx to version 1.30.2

Source: llm_adapter@2026-05-26

Confidence: high
Dependency Low

Updates actions/stale GitHub Action to v10.3.0

Updates actions/stale GitHub Action to v10.3.0

Source: llm_adapter@2026-05-26

Confidence: high
Dependency Low

Updates devops-infra/action-pull-request to v1.1.2

Updates devops-infra/action-pull-request to v1.1.2

Source: llm_adapter@2026-05-26

Confidence: high
Full changelog

What's Changed

  • [Nginx] Update to 1.30.2 by @FreddleSpl0it in https://github.com/mailcow/mailcow-dockerized/pull/7259
  • fix unbound CVE-2026-33278 by @SYNLINQ in https://github.com/mailcow/mailcow-dockerized/pull/7252
  • Update actions/stale action to v10.3.0 by @renovate[bot] in https://github.com/mailcow/mailcow-dockerized/pull/7242
  • Translations update from Weblate by @milkmaker in https://github.com/mailcow/mailcow-dockerized/pull/7245
  • Update devops-infra/action-pull-request action to v1.1.2 by @renovate[bot] in https://github.com/mailcow/mailcow-dockerized/pull/7247
  • Update devops-infra/action-pull-request action to v1.1.3 by @renovate[bot] in https://github.com/mailcow/mailcow-dockerized/pull/7253
  • Update devops-infra/action-pull-request action to v1.2.0 by @renovate[bot] in https://github.com/mailcow/mailcow-dockerized/pull/7254

New Contributors

  • @SYNLINQ made their first contribution in https://github.com/mailcow/mailcow-dockerized/pull/7252

Full Changelog: https://github.com/mailcow/mailcow-dockerized/compare/2026-05b...2026-05c

Security Fixes

  • CVE-2026-33278 — unbound vulnerability fixed
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track mailcow-dockerized

Get notified when new releases ship.

Sign up free

About mailcow-dockerized

mailcow: dockerized - + =

All releases →

Related context

Related CVEs

Beta — feedback welcome: [email protected]