[CLSA-2026:1783075562] Fix CVE(s): CVE-2026-40701
Type:
security
Severity:
Moderate
Release date:
2026-07-03 10:46:18 UTC
Description:
* SECURITY UPDATE: use-after-free in SSL/OCSP resolver cleanup - debian/patches/CVE-2026-40701.patch: call ngx_resolve_name_done() on connection close when an OCSP responder resolve is still in flight - CVE-2026-40701
CVEs fixed:
Updated packages:
  • libnginx-mod-http-geoip-1.26_1.26.3-3~bookworm+tuxcare.els8_amd64.deb
    sha:cfbecd3f31069a23c049e1831bd275247cf2cebe
  • libnginx-mod-http-image-filter-1.26_1.26.3-3~bookworm+tuxcare.els8_amd64.deb
    sha:1553a2beb796b783516eafafc4a10861bb785234
  • libnginx-mod-http-perl-1.26_1.26.3-3~bookworm+tuxcare.els8_amd64.deb
    sha:1b17d1f84704c0bba69d5898fa3e9bfb3f8d872f
  • libnginx-mod-http-xslt-filter-1.26_1.26.3-3~bookworm+tuxcare.els8_amd64.deb
    sha:25383ad0c8018cfa845c7afe733f941bce86f3cb
  • libnginx-mod-mail-1.26_1.26.3-3~bookworm+tuxcare.els8_amd64.deb
    sha:9707ebbd39badc70ac6506c1dc8b233c78ce1c43
  • libnginx-mod-stream-1.26_1.26.3-3~bookworm+tuxcare.els8_amd64.deb
    sha:4b8b5cfbcb171247cd777c354732d6a883841ddf
  • libnginx-mod-stream-geoip-1.26_1.26.3-3~bookworm+tuxcare.els8_amd64.deb
    sha:9db9e49676de03ae696ec547c04ca9eb588e2b22
  • nginx1.26_1.26.3-3~bookworm+tuxcare.els8_amd64.deb
    sha:d600194f5b125a6b93299ed3af2a62b03773b692
  • nginx1.26-common_1.26.3-3~bookworm+tuxcare.els8_all.deb
    sha:edaf319ba84085cf1a54afa322654d850ab80509
  • nginx1.26-dev_1.26.3-3~bookworm+tuxcare.els8_all.deb
    sha:4a117cd5d74c739c277c642bf51b9ec7f6e4105d
  • nginx1.26-doc_1.26.3-3~bookworm+tuxcare.els8_all.deb
    sha:c455a2d837df88c51a334e1c6fe386e7f8e7dddd
  • libnginx-mod-http-geoip-1.26_1.26.3-3~bookworm+tuxcare.els8_arm64.deb
    sha:f3a7e8214d1ba67ce1706bcf51a3deb13131c592
  • libnginx-mod-http-image-filter-1.26_1.26.3-3~bookworm+tuxcare.els8_arm64.deb
    sha:2f96a0851e63f08c2620ad4791510add27b4d3a0
  • libnginx-mod-http-perl-1.26_1.26.3-3~bookworm+tuxcare.els8_arm64.deb
    sha:2b0396393a900536da7d36ebd40ee2030d3dcc33
  • libnginx-mod-http-xslt-filter-1.26_1.26.3-3~bookworm+tuxcare.els8_arm64.deb
    sha:3b369d8d54de594801c3b6372de949f589a39c5a
  • libnginx-mod-mail-1.26_1.26.3-3~bookworm+tuxcare.els8_arm64.deb
    sha:4d7f65cbdbe927474b298db7eea3629e8b125fdb
  • libnginx-mod-stream-1.26_1.26.3-3~bookworm+tuxcare.els8_arm64.deb
    sha:a5227c6dda8647166cdd1f086be0877efb9b7427
  • libnginx-mod-stream-geoip-1.26_1.26.3-3~bookworm+tuxcare.els8_arm64.deb
    sha:0290de09aa4b51194be70bc301f333ec53c26bbb
  • nginx1.26_1.26.3-3~bookworm+tuxcare.els8_arm64.deb
    sha:8ba464cbf05e5cb14ab4a1ff3eedec2a4f304c96
  • nginx1.26-common_1.26.3-3~bookworm+tuxcare.els8_all.deb
    sha:edaf319ba84085cf1a54afa322654d850ab80509
  • nginx1.26-dev_1.26.3-3~bookworm+tuxcare.els8_all.deb
    sha:4a117cd5d74c739c277c642bf51b9ec7f6e4105d
  • nginx1.26-doc_1.26.3-3~bookworm+tuxcare.els8_all.deb
    sha:c455a2d837df88c51a334e1c6fe386e7f8e7dddd
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.