Release date:
2026-07-08 16:50:26 UTC
Description:
* SECURITY UPDATE: CRLF injection via resolved SMTP client host name
- debian/patches/CVE-2026-28753.patch: validate that the host name
resolved from the client address contains only RFC 1034 Section 3.5
characters before using it in auth_http and smtp proxy
- CVE-2026-28753
Updated packages:
-
libnginx-mod-http-geoip-1.26_1.26.3-3~trixie+tuxcare.els9_amd64.deb
sha:ed98b265de57efd196233700aa97062c2215f050
-
libnginx-mod-http-image-filter-1.26_1.26.3-3~trixie+tuxcare.els9_amd64.deb
sha:dbc248587e4df5a7e9860a396e28f387c7ed5b9a
-
libnginx-mod-http-perl-1.26_1.26.3-3~trixie+tuxcare.els9_amd64.deb
sha:54d2a8c9092313cdc3aaa39dbba74a11fa3ce422
-
libnginx-mod-http-xslt-filter-1.26_1.26.3-3~trixie+tuxcare.els9_amd64.deb
sha:6a47bd0e50aef96283ae5bb3c413a6d829cbc671
-
libnginx-mod-mail-1.26_1.26.3-3~trixie+tuxcare.els9_amd64.deb
sha:5f80a0ef2853b163f152602c2e8e685c20d94f3f
-
libnginx-mod-stream-1.26_1.26.3-3~trixie+tuxcare.els9_amd64.deb
sha:a2a1c3967b453819383653a6d2e6bfbcb70b372b
-
libnginx-mod-stream-geoip-1.26_1.26.3-3~trixie+tuxcare.els9_amd64.deb
sha:776658ecb950d18c9e9d963eaf060e2cfd2ae10c
-
nginx1.26_1.26.3-3~trixie+tuxcare.els9_amd64.deb
sha:d0349102c29168ba4176a41371e1ab78fa2d8f2f
-
nginx1.26-common_1.26.3-3~trixie+tuxcare.els9_all.deb
sha:2bdf0779843470ba94c8fa86204c0e923692e20b
-
nginx1.26-dev_1.26.3-3~trixie+tuxcare.els9_all.deb
sha:c48d0c4129d0e155135250da4b416c7d4f035fa9
-
nginx1.26-doc_1.26.3-3~trixie+tuxcare.els9_all.deb
sha:911795436c9166de0ba7a6b4bae6242b165e4840
-
libnginx-mod-http-geoip-1.26_1.26.3-3~trixie+tuxcare.els9_arm64.deb
sha:28b36a0fb45b18bd5cdb4cd67f173138421c8ccc
-
libnginx-mod-http-image-filter-1.26_1.26.3-3~trixie+tuxcare.els9_arm64.deb
sha:1d4dcb1982003157309db36057c97dc69ea6265b
-
libnginx-mod-http-perl-1.26_1.26.3-3~trixie+tuxcare.els9_arm64.deb
sha:23de3a0f35b826849e6e968485bdf678c8007322
-
libnginx-mod-http-xslt-filter-1.26_1.26.3-3~trixie+tuxcare.els9_arm64.deb
sha:b58890be421cc44693ccb9967a884117579c0736
-
libnginx-mod-mail-1.26_1.26.3-3~trixie+tuxcare.els9_arm64.deb
sha:1f78159f9fd31d3a813d56c696cc753e1e23ae45
-
libnginx-mod-stream-1.26_1.26.3-3~trixie+tuxcare.els9_arm64.deb
sha:c3e24fa96e497418c6f4ffe00ed3bce9b49686b7
-
libnginx-mod-stream-geoip-1.26_1.26.3-3~trixie+tuxcare.els9_arm64.deb
sha:531b0d9adc545ddf83e8eea98f8db29dda566552
-
nginx1.26_1.26.3-3~trixie+tuxcare.els9_arm64.deb
sha:33f4326d493066b0b78dafc1d623af10a6dccf2b
-
nginx1.26-common_1.26.3-3~trixie+tuxcare.els9_all.deb
sha:2bdf0779843470ba94c8fa86204c0e923692e20b
-
nginx1.26-dev_1.26.3-3~trixie+tuxcare.els9_all.deb
sha:c48d0c4129d0e155135250da4b416c7d4f035fa9
-
nginx1.26-doc_1.26.3-3~trixie+tuxcare.els9_all.deb
sha:911795436c9166de0ba7a6b4bae6242b165e4840
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.