Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fc3e70c2 by Salvatore Bonaccorso at 2026-05-16T09:02:42+02:00
Track fixed version for nginx issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1960,20 +1960,20 @@ CVE-2026-42945 (NGINX Plus and NGINX Open Source have a
vulnerability in the ngx
NOTE: https://nginx.org/en/security_advisories.html
NOTE:
https://github.com/nginx/nginx/commit/524977e7c534e87e5b55739fa74601c9f1102686
(release-1.30.1)
CVE-2026-42946 (A vulnerability exists in the ngx_http_scgi_moduleand
ngx_http_uwsgi_m ...)
- - nginx <unfixed>
+ - nginx 1.30.0-4
NOTE: https://my.f5.com/manage/s/article/K000161027
NOTE: https://nginx.org/en/security_advisories.html
NOTE:
https://github.com/nginx/nginx/commit/baef7fdac28e4e1fe26509b50b8d15603393e28e
(release-1.30.1)
NOTE:
https://github.com/nginx/nginx/commit/39d7d0ba0799fcff6baee52b6525f45739593cfd
(release-1.30.1)
CVE-2026-40460 (When NGINX Plus or NGINX Open Source are configured to use the
HTTP/3 ...)
- - nginx <unfixed>
+ - nginx 1.30.0-4
[bookworm] - nginx <not-affected> (Vulnerable code not present,
introduced in 1.25.0)
[bullseye] - nginx <not-affected> (Vulnerable code not present,
introduced in 1.25.0)
NOTE: https://my.f5.com/manage/s/article/K000161068
NOTE: https://nginx.org/en/security_advisories.html
NOTE:
https://github.com/nginx/nginx/commit/5461e8bbc09230a4cf8e3d7737c176ae69b091f1
(release-1.30.1)
CVE-2026-42926 (When NGINX Open Source is configured to proxy HTTP/2 traffic
by settin ...)
- - nginx <unfixed>
+ - nginx 1.30.0-4
[trixie] - nginx <not-affected> (Vulnerable code not present,
introduced in 1.29.4)
[bookworm] - nginx <not-affected> (Vulnerable code not present,
introduced in 1.29.4)
[bullseye] - nginx <not-affected> (Vulnerable code not present,
introduced in 1.29.4)
@@ -1982,12 +1982,12 @@ CVE-2026-42926 (When NGINX Open Source is configured to
proxy HTTP/2 traffic by
NOTE:
https://github.com/nginx/nginx/commit/ce3362cfd5c3e1434a6151cfa585b89114389da7
(release-1.30.1)
NOTE:
https://github.com/nginx/nginx/commit/a0e742944db64d8a547cc2e7a0ba4c2e85cd4b98
(release-1.30.1)
CVE-2026-40701 (NGINX Plus and NGINX Open Source have a vulnerability in the
ngx_http_ ...)
- - nginx <unfixed>
+ - nginx 1.30.0-4
NOTE: https://my.f5.com/manage/s/article/K000161021
NOTE: https://nginx.org/en/security_advisories.html
NOTE:
https://github.com/nginx/nginx/commit/d2b8d47741820c9fb134c6731ecb40b21f3085b1
(release-1.30.1)
CVE-2026-42934 (NGINX Plus and NGINX Open Source have a vulnerability in the
ngx_http_ ...)
- - nginx <unfixed>
+ - nginx 1.30.0-4
NOTE: https://my.f5.com/manage/s/article/K000161028
NOTE: https://nginx.org/en/security_advisories.html
NOTE:
https://github.com/nginx/nginx/commit/54b7945961b2eaafc480d6b85d9635d0db1c126a
(release-1.30.1)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc3e70c2276d4d49801cd2fc2a28876dbaba4048
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc3e70c2276d4d49801cd2fc2a28876dbaba4048
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
