[CLSA-2026:1783078534] Fix CVE(s): CVE-2026-40701
Type:
security
Severity:
Moderate
Release date:
2026-07-03 11:35:49 UTC
Description:
* SECURITY UPDATE: use-after-free in SSL/OCSP resolver cleanup - debian/patches/CVE-2026-40701.patch: call ngx_resolve_name_done() on connection close when an OCSP responder resolve is still in flight - CVE-2026-40701
CVEs fixed:
Updated packages:
  • libnginx-mod-http-geoip-1.26_1.26.3-3~trixie+tuxcare.els8_amd64.deb
    sha:232fef9056680329408beaaeb8f4d085e400ffe4
  • libnginx-mod-http-image-filter-1.26_1.26.3-3~trixie+tuxcare.els8_amd64.deb
    sha:ebfcc8c18e784ce5043c1d9ed65e56bc311516d5
  • libnginx-mod-http-perl-1.26_1.26.3-3~trixie+tuxcare.els8_amd64.deb
    sha:e14b4ec818dfaedc77e2438a1364a66aa8627103
  • libnginx-mod-http-xslt-filter-1.26_1.26.3-3~trixie+tuxcare.els8_amd64.deb
    sha:1ed385ddb9f33a0e9cb1322dbb8a5ec279b61083
  • libnginx-mod-mail-1.26_1.26.3-3~trixie+tuxcare.els8_amd64.deb
    sha:ce0fe780098b1c749a30e05516ec23346b71880f
  • libnginx-mod-stream-1.26_1.26.3-3~trixie+tuxcare.els8_amd64.deb
    sha:9d44646516ad9925a35d35dc4dd62880d3a04c76
  • libnginx-mod-stream-geoip-1.26_1.26.3-3~trixie+tuxcare.els8_amd64.deb
    sha:b6af3b7911e25183c510b03a80042f1d60eec534
  • nginx1.26_1.26.3-3~trixie+tuxcare.els8_amd64.deb
    sha:6a61f9caad63d278ea4eb9e354fe98456064eee7
  • nginx1.26-common_1.26.3-3~trixie+tuxcare.els8_all.deb
    sha:47721a8b14f1305f08a2c4140090234f14046725
  • nginx1.26-dev_1.26.3-3~trixie+tuxcare.els8_all.deb
    sha:f73c9279a51b625ae69c7fe3b26e335e4b66f4f5
  • nginx1.26-doc_1.26.3-3~trixie+tuxcare.els8_all.deb
    sha:295d5ee8ad51521b413d56f175835449972d7878
  • libnginx-mod-http-geoip-1.26_1.26.3-3~trixie+tuxcare.els8_arm64.deb
    sha:705f184c19808544c74cd3dba0f0f005edfd60e3
  • libnginx-mod-http-image-filter-1.26_1.26.3-3~trixie+tuxcare.els8_arm64.deb
    sha:d39d378fc434999ddd2d32b48e2324a6c3fb5e5a
  • libnginx-mod-http-perl-1.26_1.26.3-3~trixie+tuxcare.els8_arm64.deb
    sha:d0506acf212a54e66dd2cf6530cd4ac99cc0c892
  • libnginx-mod-http-xslt-filter-1.26_1.26.3-3~trixie+tuxcare.els8_arm64.deb
    sha:2f2375c2b01cb24a4dffe5f08fcabaeb7838c64f
  • libnginx-mod-mail-1.26_1.26.3-3~trixie+tuxcare.els8_arm64.deb
    sha:89432e6b8674a5279c8c7b414a4918ba37fee6c1
  • libnginx-mod-stream-1.26_1.26.3-3~trixie+tuxcare.els8_arm64.deb
    sha:75a050d6fed612753627bfb7473aca91ea582adf
  • libnginx-mod-stream-geoip-1.26_1.26.3-3~trixie+tuxcare.els8_arm64.deb
    sha:49d5111f9fac279a3c217e8d88c85e857266aac5
  • nginx1.26_1.26.3-3~trixie+tuxcare.els8_arm64.deb
    sha:b562c2660b89707af2c4b6e2db7560e7db86a4b2
  • nginx1.26-common_1.26.3-3~trixie+tuxcare.els8_all.deb
    sha:47721a8b14f1305f08a2c4140090234f14046725
  • nginx1.26-dev_1.26.3-3~trixie+tuxcare.els8_all.deb
    sha:f73c9279a51b625ae69c7fe3b26e335e4b66f4f5
  • nginx1.26-doc_1.26.3-3~trixie+tuxcare.els8_all.deb
    sha:295d5ee8ad51521b413d56f175835449972d7878
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.