Changelog: - Security: an attacker might inject plain text data in the response from an SSL backend (CVE-2026-1642). - Bugfix: use-after-free might occur after switching to the next gRPC or HTTP/2 backend. - Bugfix: fixed warning when compiling with MSVC 2022 x86.
Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../recipes-httpd/nginx/{nginx_1.28.1.bb => nginx_1.28.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-webserver/recipes-httpd/nginx/{nginx_1.28.1.bb => nginx_1.28.2.bb} (66%) diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.28.1.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.28.2.bb similarity index 66% rename from meta-webserver/recipes-httpd/nginx/nginx_1.28.1.bb rename to meta-webserver/recipes-httpd/nginx/nginx_1.28.2.bb index eaaf2b75e9..9699b7189d 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx_1.28.1.bb +++ b/meta-webserver/recipes-httpd/nginx/nginx_1.28.2.bb @@ -2,6 +2,6 @@ require nginx.inc LIC_FILES_CHKSUM = "file://LICENSE;md5=3dc49537b08b14c8b66ad247bb4c4593" -SRC_URI[sha256sum] = "40e7a0916d121e8905ef50f2a738b675599e42b2224a582dd938603fed15788e" +SRC_URI[sha256sum] = "20e5e0f2c917acfb51120eec2fba9a4ba4e1e10fd28465067cc87a7d81a829a3" CVE_STATUS[CVE-2025-53859] = "cpe-stable-backport: Fix is included in 1.28.1"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124356): https://lists.openembedded.org/g/openembedded-devel/message/124356 Mute This Topic: https://lists.openembedded.org/mt/117774434/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
