Release date:
2026-05-04 08:34:36 UTC
Description:
- CVE-2026-27651: fix null pointer dereference in ngx_mail_auth_http_module
when authentication retry is enabled with CRAM-MD5 or APOP
- CVE-2026-32647: fix buffer over-read/write in ngx_http_mp4_module when
processing crafted mp4 files with empty stco/co64 atoms
Updated packages:
-
nginx-1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6.x86_64.rpm
sha:50be8c4609c21ac7929e7d9ac586d1e6a86e75df20a1228cabf6bd9b1470b063
-
nginx-all-modules-1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6.noarch.rpm
sha:55a48052e106f71aedcccf894fa437a8d93737ab623f81c8c0bdd9a30d21b3fe
-
nginx-filesystem-1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6.noarch.rpm
sha:31f3fb8983c362928ed64c814d7422514cf85d880759dfc3a6250734e8021230
-
nginx-mod-http-image-filter-1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6.x86_64.rpm
sha:ed25c68e099e837f9b2c3e60a521c236a3384b09dfcd33533e64537cbb6bebb7
-
nginx-mod-http-perl-1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6.x86_64.rpm
sha:3a1542cd060c4dcc0471ccf1339df6dc74433477a5861215ff7a070ee02e129e
-
nginx-mod-http-xslt-filter-1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6.x86_64.rpm
sha:bfe5e72bc269b90cf3427643f201b425d19cab2cd3408e43fe26e6ab39ed3397
-
nginx-mod-mail-1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6.x86_64.rpm
sha:a8970c5cac9d26ba136a34cbba19e09d9b487cfa4b824447bf2eda273c53fb86
-
nginx-mod-stream-1.14.1-9.module_el8.4.0+2375+16a84bc4.tuxcare.els6.x86_64.rpm
sha:c58c46723d5efe7f5efb5d33127338df74973281d3661e0115c5179e0edd53d8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
