[CLSA-2026:1779780248] Fix CVE(s): CVE-2026-42945
Type:
security
Severity:
Important
Release date:
2026-05-26 07:24:12 UTC
Description:
* SECURITY UPDATE: heap buffer overflow in ngx_http_rewrite_module due to is_args flag not being cleared after a rewrite with arguments - debian/patches/CVE-2026-42945.patch: clear e->is_args after regex in src/http/ngx_http_script.c - CVE-2026-42945
Updated packages:
  • libnginx-mod-http-geoip-1.26_1.26.3-3~trixie+tuxcare.els4_amd64.deb
    sha:7063b2a377a067140edfe3fd1a087422ae7730e0
  • libnginx-mod-http-image-filter-1.26_1.26.3-3~trixie+tuxcare.els4_amd64.deb
    sha:87f7b57ac02f6af38948c97bdf78bda0c06dd378
  • libnginx-mod-http-perl-1.26_1.26.3-3~trixie+tuxcare.els4_amd64.deb
    sha:ce0f08bde4f84590d187dff97900a78ed3bbb4b2
  • libnginx-mod-http-xslt-filter-1.26_1.26.3-3~trixie+tuxcare.els4_amd64.deb
    sha:fc8943dab0f1bc807f0ecd6d0c283439af1bc7dd
  • libnginx-mod-mail-1.26_1.26.3-3~trixie+tuxcare.els4_amd64.deb
    sha:275776f8f6a304fc33d0a335a31a9036de05a774
  • libnginx-mod-stream-1.26_1.26.3-3~trixie+tuxcare.els4_amd64.deb
    sha:ce42b2a5f65105b12c4249e888496b9cb840c71c
  • libnginx-mod-stream-geoip-1.26_1.26.3-3~trixie+tuxcare.els4_amd64.deb
    sha:4a500635d35ae83c20ad8a7e687d621bbd4b55cc
  • nginx1.26_1.26.3-3~trixie+tuxcare.els4_amd64.deb
    sha:c54ac422707892af4ab669a1783ec00edef90e6d
  • nginx1.26-common_1.26.3-3~trixie+tuxcare.els4_all.deb
    sha:c12e8b90724740531979aaccd24052cb45b12de3
  • nginx1.26-dev_1.26.3-3~trixie+tuxcare.els4_all.deb
    sha:84449703756bba42f9aba2a3f92508fdeeb97a38
  • nginx1.26-doc_1.26.3-3~trixie+tuxcare.els4_all.deb
    sha:df14234ddc120f89de9d993ff549290064cbfddc
  • libnginx-mod-http-geoip-1.26_1.26.3-3~trixie+tuxcare.els4_arm64.deb
    sha:358292ece5c64be0a435c4817a36d3462ad1031c
  • libnginx-mod-http-image-filter-1.26_1.26.3-3~trixie+tuxcare.els4_arm64.deb
    sha:f9e5a76e3d5104294009f53fd7db8cff611a62e2
  • libnginx-mod-http-perl-1.26_1.26.3-3~trixie+tuxcare.els4_arm64.deb
    sha:87abf61e189cd396651bcb6d78fa40f2a08278bc
  • libnginx-mod-http-xslt-filter-1.26_1.26.3-3~trixie+tuxcare.els4_arm64.deb
    sha:cb4fb893b6985f67989cb6510778354fd6974609
  • libnginx-mod-mail-1.26_1.26.3-3~trixie+tuxcare.els4_arm64.deb
    sha:adc340971391e42b160021a85ab4d0c93583f75f
  • libnginx-mod-stream-1.26_1.26.3-3~trixie+tuxcare.els4_arm64.deb
    sha:f35b6e5587c8871a8bd15ec0c7821f81053ac9de
  • libnginx-mod-stream-geoip-1.26_1.26.3-3~trixie+tuxcare.els4_arm64.deb
    sha:2ba6eef0e7056160037bd9f2cd8b15971f018a67
  • nginx1.26_1.26.3-3~trixie+tuxcare.els4_arm64.deb
    sha:1c3c6ca3a869e2340355dadab4f6fc5a9d4e3f37
  • nginx1.26-common_1.26.3-3~trixie+tuxcare.els4_all.deb
    sha:c12e8b90724740531979aaccd24052cb45b12de3
  • nginx1.26-dev_1.26.3-3~trixie+tuxcare.els4_all.deb
    sha:84449703756bba42f9aba2a3f92508fdeeb97a38
  • nginx1.26-doc_1.26.3-3~trixie+tuxcare.els4_all.deb
    sha:df14234ddc120f89de9d993ff549290064cbfddc
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.