Release date:
2026-07-07 13:38:39 UTC
Description:
* SECURITY UPDATE: CRLF injection via resolved SMTP client host name
- debian/patches/CVE-2026-28753.patch: validate that the host name
resolved from the client address contains only RFC 1034 Section 3.5
characters before using it in auth_http and smtp proxy
- CVE-2026-28753
Updated packages:
-
libnginx-mod-http-geoip-1.26_1.26.3-3~bookworm+tuxcare.els9_amd64.deb
sha:1588756c1ad17b4ac730a273e03a5c86a3eb970d
-
libnginx-mod-http-image-filter-1.26_1.26.3-3~bookworm+tuxcare.els9_amd64.deb
sha:2742faf963fda4ec285fc93aa8f5824b24ced0a7
-
libnginx-mod-http-perl-1.26_1.26.3-3~bookworm+tuxcare.els9_amd64.deb
sha:76416f6bf53ec3aa02eb481ed62ef52c071025ce
-
libnginx-mod-http-xslt-filter-1.26_1.26.3-3~bookworm+tuxcare.els9_amd64.deb
sha:0ff4cd559f7a543dc0be9e820c9fd7c90019be87
-
libnginx-mod-mail-1.26_1.26.3-3~bookworm+tuxcare.els9_amd64.deb
sha:722d094d7f5c8263dcf83666afad735ad871e7fc
-
libnginx-mod-stream-1.26_1.26.3-3~bookworm+tuxcare.els9_amd64.deb
sha:c1c1c929fcdb124aa34663bb38d476b63bae4df7
-
libnginx-mod-stream-geoip-1.26_1.26.3-3~bookworm+tuxcare.els9_amd64.deb
sha:fd3043f9a62d232a89e38598f1c1bee50fe6a608
-
nginx1.26_1.26.3-3~bookworm+tuxcare.els9_amd64.deb
sha:8d16fef5df41aceab0dc391ed50bc3e0a78fd8d7
-
nginx1.26-common_1.26.3-3~bookworm+tuxcare.els9_all.deb
sha:bad755084df3680fb0a1c368efa6645fbc0ab0ad
-
nginx1.26-dev_1.26.3-3~bookworm+tuxcare.els9_all.deb
sha:88b89f03d9e458bc2d4ca953fd8f39ef4acce8ab
-
nginx1.26-doc_1.26.3-3~bookworm+tuxcare.els9_all.deb
sha:d8d6a8da0e96f2b74c07d44c0c4f65dcc3885d24
-
libnginx-mod-http-geoip-1.26_1.26.3-3~bookworm+tuxcare.els9_arm64.deb
sha:f39a274794a664bfabc000bb732d07175b87a57d
-
libnginx-mod-http-image-filter-1.26_1.26.3-3~bookworm+tuxcare.els9_arm64.deb
sha:028f1f2dd9a4b000098818aded40ab51fc010063
-
libnginx-mod-http-perl-1.26_1.26.3-3~bookworm+tuxcare.els9_arm64.deb
sha:3d26fd812e3f1926dba67b422ee6e84cfab5764c
-
libnginx-mod-http-xslt-filter-1.26_1.26.3-3~bookworm+tuxcare.els9_arm64.deb
sha:1def7ad63f571ce24c4b2a2b0209d9eb0efb5859
-
libnginx-mod-mail-1.26_1.26.3-3~bookworm+tuxcare.els9_arm64.deb
sha:b40c39ce0024d11e56c25339d48880808342055d
-
libnginx-mod-stream-1.26_1.26.3-3~bookworm+tuxcare.els9_arm64.deb
sha:d8be430bf7cc18935fe73d0f94ddd788c92b7c41
-
libnginx-mod-stream-geoip-1.26_1.26.3-3~bookworm+tuxcare.els9_arm64.deb
sha:88643087926783ff8d075f2dbede33fe5d2241da
-
nginx1.26_1.26.3-3~bookworm+tuxcare.els9_arm64.deb
sha:e3ed9507e8830b86069b14a002c7bfaf0a767e17
-
nginx1.26-common_1.26.3-3~bookworm+tuxcare.els9_all.deb
sha:bad755084df3680fb0a1c368efa6645fbc0ab0ad
-
nginx1.26-dev_1.26.3-3~bookworm+tuxcare.els9_all.deb
sha:88b89f03d9e458bc2d4ca953fd8f39ef4acce8ab
-
nginx1.26-doc_1.26.3-3~bookworm+tuxcare.els9_all.deb
sha:d8d6a8da0e96f2b74c07d44c0c4f65dcc3885d24
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.