[CLSA-2026:1783433580] Fix CVE(s): CVE-2024-32760
Type:
security
Severity:
Low
Release date:
2026-07-07 14:13:16 UTC
Description:
* SECURITY UPDATE: HTTP/3 QPACK dynamic table overflow - debian/patches/CVE-2024-32760.patch: allocate one extra slot in the dynamic table so a newly inserted entry can be added before older entries are evicted, preventing a temporary table overflow in ngx_http_v3_set_capacity - CVE-2024-32760
CVEs fixed:
Updated packages:
  • nginx1.25_1.25.5-1~trixie+tuxcare.els8_amd64.deb
    sha:84e6646694debcf64756df1aceb9671d7daf362a
  • nginx1.25_1.25.5-1~trixie+tuxcare.els8_arm64.deb
    sha:b4594736e1125a583e4779ff4fdb755c0b754400
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.