Release date:
2026-04-24 09:17:28 UTC
Description:
- CVE-2026-32647: fix buffer over-read/over-write in ngx_http_mp4_module
via integer overflow, off-by-one boundary checks, and zero sync sample
validation in stss atom
- CVE-2026-27651: fix NULL pointer dereference in ngx_mail_auth_http_module
when using CRAM-MD5 or APOP authentication with Auth-Wait response
Updated packages:
-
nginx-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.x86_64.rpm
sha:1948b65b71885472bd579d2ef26deca26dbab467ab2f2a6ef5f3be1fe6e34e92
-
nginx-all-modules-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.noarch.rpm
sha:416a6ef4a14212a24183dac3508610e8c0c02dad76c77607a0acfc2e168bae3f
-
nginx-core-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.x86_64.rpm
sha:4f383579344c2e3e53f4300feccf2e3a46bfff08add331e7bad927da59cf9699
-
nginx-filesystem-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.noarch.rpm
sha:3c654f661e7473d74392fe4040713e3c97d72a26a6982bf2f92fcdc8ad189e71
-
nginx-mod-devel-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.x86_64.rpm
sha:b2b61bf23fbfca573977c792f64ea93b5958f1f5e1ac0572a958317e96b8ed42
-
nginx-mod-http-image-filter-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.x86_64.rpm
sha:8925bec57d7c4889423ea3f4caf2d36754ee1cf3bde5f5c24af61c3104756467
-
nginx-mod-http-perl-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.x86_64.rpm
sha:6b0c74a1cbe4bc290628b092cda262e562ec295e1939ea9bc27c14d53d385100
-
nginx-mod-http-xslt-filter-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.x86_64.rpm
sha:a8cdbfde52182c45078755b1d10097975444b6fa44768b2822b4bf0710a34f2b
-
nginx-mod-mail-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.x86_64.rpm
sha:26e32577ad62d83a15ea28b85c6dc84b7ccb52039a9c1108be939d91505caac5
-
nginx-mod-stream-1.20.1-14.el9_2.1.alma.1.tuxcare.els7.x86_64.rpm
sha:1ea7c379f2399b345199255b3aeb41e680da75562297589010d3262aa4682984
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
