From: Ankur Tyagi <[email protected]>

Changes with nginx 1.30.1

*) Security: when using the "proxy_set_body" directive, an attacker
   might inject data in the proxied request to an HTTP/2 backend
   (CVE-2026-42926).
*) Security: a heap memory buffer overflow might occur in a worker
   process while handling a specially crafted request by
   ngx_http_rewrite_module, potentially resulting in arbitrary code
   execution (CVE-2026-42945).
*) Security: a heap memory buffer overread might occur in a worker
   process while handling a specially crafted response by
   ngx_http_scgi_module or ngx_http_uwsgi_module, allowing an attacker
   to cause a disclosure of worker process memory or segmentation fault
   in a worker process (CVE-2026-42946).
*) Security: a heap memory buffer overread might occur in a worker
   process while handling a specially sent response with decoding from
   UTF-8 via the "charset_map" directive, allowing an attacker to cause
   a limited disclosure of worker proccess memory or segmentation fault
   in a worker process (CVE-2026-42934).
*) Security: when using HTTP/3, processing of connection migration might
   cause new QUIC streams to receive a new client address before
   validation, allowing an attacker to cause address spoofing
   (CVE-2026-40460).
*) Security: use-after-free might occur during DNS server response
   processing if the "ssl_ocsp" directive was used, allowing an attacker
   to cause worker process memory corruption or segmentation fault in a
   worker process (CVE-2026-40701).
*) Bugfix: connections with HTTP/2 backends might not be cached when
   using the "proxy_set_body" or "proxy_pass_request_body" directives.
*) Bugfix: proxied HTTP/0.9, SCGI, or uWSGI responses might be
   transferred incorrectly if the first line was not fully read.

Signed-off-by: Ankur Tyagi <[email protected]>
---
 .../recipes-httpd/nginx/{nginx_1.30.0.bb => nginx_1.30.1.bb}    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-webserver/recipes-httpd/nginx/{nginx_1.30.0.bb => nginx_1.30.1.bb} 
(51%)

diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.30.0.bb 
b/meta-webserver/recipes-httpd/nginx/nginx_1.30.1.bb
similarity index 51%
rename from meta-webserver/recipes-httpd/nginx/nginx_1.30.0.bb
rename to meta-webserver/recipes-httpd/nginx/nginx_1.30.1.bb
index 139fe24dcd..f774979f89 100644
--- a/meta-webserver/recipes-httpd/nginx/nginx_1.30.0.bb
+++ b/meta-webserver/recipes-httpd/nginx/nginx_1.30.1.bb
@@ -2,5 +2,5 @@ require nginx.inc
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=79da1c70d587d3a199af9255ad393f99"
 
-SRC_URI[sha256sum] = 
"058188c64bf22baecaa72b809a6318a4f9ba623889c554feab03f7cb853ab31b"
+SRC_URI[sha256sum] = 
"99765000d974896b31ca5882d8c279ce3fe7ef6f5c6f9f0a967ed7fd3407f9cc"
 
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#127142): 
https://lists.openembedded.org/g/openembedded-devel/message/127142
Mute This Topic: https://lists.openembedded.org/mt/119433223/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to