Package "nginx-core"
Name: nginx-core
Description: nginx web/proxy server (standard version)
Latest version: 1.28.3-2ubuntu1.2
Release: resolute (26.04)
Level: security
Repository: main
Head package: nginx
Homepage: https://nginx.org
Changelog
nginx (1.28.3-2ubuntu1.2) resolute-security; urgency=medium

  * SECURITY UPDATE: HTTP/3 address spoofing
    - debian/patches/CVE-2026-40460.patch: QUIC: avoid assigning unvalidated
      address to new streams in src/event/quic/ngx_event_quic_migration.c.
    - CVE-2026-40460
  * SECURITY UPDATE: resolver use-after-free in OCSP
    - debian/patches/CVE-2026-40701.patch: OCSP: resolve cleanup on connection
      close in src/event/ngx_event_openssl_stapling.c.
    - CVE-2026-40701
  * SECURITY UPDATE: Buffer overread in the ngx_http_charset_module
    - debian/patches/CVE-2026-42934.patch: Charset: fix buffer over-read in
      recode_from_utf8(). in src/http/modules/ngx_http_charset_filter_module.c.
    - CVE-2026-42934
  * SECURITY UPDATE: Buffer overread in the ngx_http_scgi_module and
    ngx_http_uwsgi_module
    - debian/patches/CVE-2026-42946-1.patch: Upstream: reset parsing state after
      invalid status line in src/http/modules/ngx_http_scgi_module.c,
      src/http/modules/ngx_http_uwsgi_module.c.
    - debian/patches/CVE-2026-42946-2.patch: Upstream: fixed parsing of split
      status lines in src/http/modules/ngx_http_proxy_module.c,
      src/http/modules/ngx_http_scgi_module.c,
      src/http/modules/ngx_http_uwsgi_module.c.
    - CVE-2026-42946
  * SECURITY UPDATE: Buffer overflow in the ngx_http_rewrite_module
    - debian/patches/CVE-2026-9256.patch: Rewrite: fix buffer overflow with
      overlapping captures in src/http/ngx_http_script.c.
    - CVE-2026-9256

 -- Marc Deslauriers <email address hidden> Sat, 30 May 2026 10:26:32 -0400
CVE-2026-40460
When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing
CVE-2026-40701
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssl_module module when the ssl_verify_client directive is set to "on" or "optio
CVE-2026-42934
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_charset_module module. When charset, source_charset, and charset_map and proxy_
CVE-2026-42946
A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules that may result in excessive memory allocation or an over-read o
CVE-2026-9256
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses
nginx (1.28.3-2ubuntu1.1) resolute-security; urgency=medium

  * SECURITY UPDATE: buffer overrun in ngx_http_rewrite_module
    (LP: #2152577)
    - d/patches/cve-2026-42945.patch: Apply upstream commit/fix
      for CVE
    - CVE-2026-42945

 -- Thomas Ward <email address hidden> Wed, 13 May 2026 17:01:19 -0400
2152577
CVE-2026-42945: heap-based buffer overflow in ngx_http_rewrite_module (NGINX Rift)
CVE-2026-42945
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is