[Git][security-tracker-team/security-tracker][master] nginx DSA

Sat, 16 May 2026 10:29:02 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4390b992 by Moritz Mühlenhoff at 2026-05-16T19:28:04+02:00
nginx DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2103,6 +2103,7 @@ CVE-2026-42946 (A vulnerability exists in the 
ngx_http_scgi_moduleand ngx_http_u
        NOTE: 
https://github.com/nginx/nginx/commit/39d7d0ba0799fcff6baee52b6525f45739593cfd 
(release-1.30.1)
 CVE-2026-40460 (When NGINX Plus or NGINX Open Source are configured to use the 
HTTP/3  ...)
        - nginx 1.30.0-4
+       [trixie] - nginx 1.26.3-3+deb13u5
        [bookworm] - nginx <not-affected> (Vulnerable code not present, 
introduced in 1.25.0)
        [bullseye] - nginx <not-affected> (Vulnerable code not present, 
introduced in 1.25.0)
        NOTE: https://my.f5.com/manage/s/article/K000161068


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[16 May 2026] DSA-6278-1 nginx - security update
+       {CVE-2026-40701 CVE-2026-42934 CVE-2026-42945 CVE-2026-42946}
+       [bookworm] - nginx 1.22.1-9+deb12u7
+       [trixie] - nginx 1.26.3-3+deb13u5
 [15 May 2026] DSA-6277-1 openjpeg2 - security update
        {CVE-2026-6192}
        [bookworm] - openjpeg2 2.5.0-2+deb12u3


=====================================
data/dsa-needed.txt
=====================================
@@ -62,9 +62,6 @@ netatalk
 --
 netty
 --
-nginx
-  Maintainer is preparing updates
---
 opennds/oldstable
   pinged maintainer, but no reply yet. should most probably be bumped to 10.x
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4390b99293ebc3ee7167b05b502188456776a0fe

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4390b99293ebc3ee7167b05b502188456776a0fe
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to