Release date:
2026-05-07 08:23:53 UTC
Description:
- CVE-2026-27651: fix null pointer dereference in ngx_mail_auth_http_module
when authentication retry is enabled with CRAM-MD5 or APOP
- CVE-2026-32647: fix buffer over-read/write in ngx_http_mp4_module when
processing crafted mp4 files with empty stco/co64 atoms
Updated packages:
-
nginx-1.14.1-9.module_el8+2396+76af5b1f.tuxcare.els6.x86_64.rpm
sha:b9641c1faa516db207b4367e8a5dd000254508bfdfecf65a32dcfb8027f7aa25
-
nginx-all-modules-1.14.1-9.module_el8+2396+76af5b1f.tuxcare.els6.noarch.rpm
sha:d3504dcbdefcc359bba02fa62acf490d06720ee50fe465d6e6586af184a43a36
-
nginx-filesystem-1.14.1-9.module_el8+2396+76af5b1f.tuxcare.els6.noarch.rpm
sha:8682082ce3dedb2bbc3d773559fc19cd271892dd439302083fd3af4cefa1e942
-
nginx-mod-http-image-filter-1.14.1-9.module_el8+2396+76af5b1f.tuxcare.els6.x86_64.rpm
sha:d16a3e300827c6012dedef88748fc874d8282832278e90ff9d8fc183f152c4a0
-
nginx-mod-http-perl-1.14.1-9.module_el8+2396+76af5b1f.tuxcare.els6.x86_64.rpm
sha:16861d5e85d3d3a71d8ad999299cc9f802477157c5efa2a874dee38b0139d5d0
-
nginx-mod-http-xslt-filter-1.14.1-9.module_el8+2396+76af5b1f.tuxcare.els6.x86_64.rpm
sha:a3f3b5e1f95b9f8a0c26383a96379bd92782b485b71f8887c1944bd921fe4007
-
nginx-mod-mail-1.14.1-9.module_el8+2396+76af5b1f.tuxcare.els6.x86_64.rpm
sha:bfb17de1736bad0171febeb73b28f20da83215b9876f9594d876f7c82b75ca0e
-
nginx-mod-stream-1.14.1-9.module_el8+2396+76af5b1f.tuxcare.els6.x86_64.rpm
sha:1280cb68273c085cf9ebb40f6c154d43e23908d7f094a1a8bdc7c528fa93c611
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
