Release date:
2026-05-07 04:57:57 UTC
Description:
- CVE-2026-27651: fix null pointer dereference in ngx_mail_auth_http_module
when authentication retry is enabled with CRAM-MD5 or APOP
- CVE-2026-32647: fix buffer over-read/write in ngx_http_mp4_module when
processing crafted mp4 files with empty stco/co64 atoms
Updated packages:
-
nginx-1.14.1-9.module_el8.5.0+2395+ec75b62e.tuxcare.els6.x86_64.rpm
sha:cf6628d6fbbb91c0cfd2bb1a058a7c46a7f30c5eb9784ec1ddeebdb9b437caab
-
nginx-all-modules-1.14.1-9.module_el8.5.0+2395+ec75b62e.tuxcare.els6.noarch.rpm
sha:f626f35438b122a87bb77ced4d29a5cb506bef243692d9fbc504ba1bdfe1d3de
-
nginx-filesystem-1.14.1-9.module_el8.5.0+2395+ec75b62e.tuxcare.els6.noarch.rpm
sha:cd45ee5559b971a57882feae31899fd9905ce0d7cc8b4482524e873b2d201349
-
nginx-mod-http-image-filter-1.14.1-9.module_el8.5.0+2395+ec75b62e.tuxcare.els6.x86_64.rpm
sha:cfd291c88a4f8e0c83c2afe99ce2ce03fa07e3deb6c83bc6010e20779d688500
-
nginx-mod-http-perl-1.14.1-9.module_el8.5.0+2395+ec75b62e.tuxcare.els6.x86_64.rpm
sha:d2e5be9d476313ba1c99a945ea00c89a3805503e164fea1c4eb4a129ed4805f1
-
nginx-mod-http-xslt-filter-1.14.1-9.module_el8.5.0+2395+ec75b62e.tuxcare.els6.x86_64.rpm
sha:cbfc376d69b64abc6a07de64dd7b7fe4c4336a5d53f64ff3c4e840505fa0401a
-
nginx-mod-mail-1.14.1-9.module_el8.5.0+2395+ec75b62e.tuxcare.els6.x86_64.rpm
sha:52b308d32d1bf824398d56e602aef5fbd65cf7be36774423863f3f02b59b9b1e
-
nginx-mod-stream-1.14.1-9.module_el8.5.0+2395+ec75b62e.tuxcare.els6.x86_64.rpm
sha:d12d83fcab55ddddb5f63e9ece94eb010bedbbd28d0d4152db5ccf5d276ca912
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
