Changes with nginx 1.30.3

*) Security: a heap memory buffer overflow might occur in a worker
   process when using a configuration with "ignore_invalid_headers off;"
   and "large_client_header_buffers" with large configured values when
   proxying a specially crafted request to HTTP/2 or gRPC backend,
   allowing an attacker to cause worker process memory corruption or
   segmentation fault in a worker process (CVE-2026-42055).

*) Security: a heap memory buffer overread might occur in a worker
   process while handling a specially sent response with decoding from
   UTF-8 via the "charset_map" directive, allowing an attacker to cause
   a limited disclosure of worker proccess memory or segmentation fault
   in a worker process (CVE-2026-48142).

Signed-off-by: Andrej Kozemcak <[email protected]>
---
 .../recipes-httpd/nginx/{nginx_1.30.2.bb => nginx_1.30.3.bb}    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-webserver/recipes-httpd/nginx/{nginx_1.30.2.bb => nginx_1.30.3.bb} 
(51%)

diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.30.2.bb 
b/meta-webserver/recipes-httpd/nginx/nginx_1.30.3.bb
similarity index 51%
rename from meta-webserver/recipes-httpd/nginx/nginx_1.30.2.bb
rename to meta-webserver/recipes-httpd/nginx/nginx_1.30.3.bb
index 2ccc7226a4..981b3f6477 100644
--- a/meta-webserver/recipes-httpd/nginx/nginx_1.30.2.bb
+++ b/meta-webserver/recipes-httpd/nginx/nginx_1.30.3.bb
@@ -2,5 +2,5 @@ require nginx.inc
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=79da1c70d587d3a199af9255ad393f99"
 
-SRC_URI[sha256sum] = 
"7df3090907fca3cc0e456d6dc00ceb230da74ea88026ceff0affc29dbbd9ac4c"
+SRC_URI[sha256sum] = 
"e5823dc6f45610993def93ebf6cfce68264af4958c77e874b7d20f3709001b8f"
 
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#127713): 
https://lists.openembedded.org/g/openembedded-devel/message/127713
Mute This Topic: https://lists.openembedded.org/mt/119954850/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to