Release date:
2026-05-26 08:14:13 UTC
Description:
* SECURITY UPDATE: Heap buffer overrun in ngx_http_rewrite_module
- debian/patches/CVE-2026-42945.patch: clear is_args flag in
ngx_http_script_regex_end_code to fix escaping of captures and
possible buffer overrun
- CVE-2026-42945
Updated packages:
-
nginx1.25_1.25.5-1~bookworm+tuxcare.els4_amd64.deb
sha:266dba877a8ce50877b3d696b36248090e95d71e
-
nginx1.25_1.25.5-1~bookworm+tuxcare.els4_arm64.deb
sha:bb5b9f60a5973b823f6ba833df5ec4f2c4756358
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
