Changes with nginx 1.30.3 *) Security: a heap memory buffer overflow might occur in a worker process when using a configuration with "ignore_invalid_headers off;" and "large_client_header_buffers" with large configured values when proxying a specially crafted request to HTTP/2 or gRPC backend, allowing an attacker to cause worker process memory corruption or segmentation fault in a worker process (CVE-2026-42055).
*) Security: a heap memory buffer overread might occur in a worker process while handling a specially sent response with decoding from UTF-8 via the "charset_map" directive, allowing an attacker to cause a limited disclosure of worker proccess memory or segmentation fault in a worker process (CVE-2026-48142). Signed-off-by: Andrej Kozemcak <[email protected]> --- .../recipes-httpd/nginx/{nginx_1.30.2.bb => nginx_1.30.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-webserver/recipes-httpd/nginx/{nginx_1.30.2.bb => nginx_1.30.3.bb} (51%) diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.30.2.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.30.3.bb similarity index 51% rename from meta-webserver/recipes-httpd/nginx/nginx_1.30.2.bb rename to meta-webserver/recipes-httpd/nginx/nginx_1.30.3.bb index 2ccc7226a4..981b3f6477 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx_1.30.2.bb +++ b/meta-webserver/recipes-httpd/nginx/nginx_1.30.3.bb @@ -2,5 +2,5 @@ require nginx.inc LIC_FILES_CHKSUM = "file://LICENSE;md5=79da1c70d587d3a199af9255ad393f99" -SRC_URI[sha256sum] = "7df3090907fca3cc0e456d6dc00ceb230da74ea88026ceff0affc29dbbd9ac4c" +SRC_URI[sha256sum] = "e5823dc6f45610993def93ebf6cfce68264af4958c77e874b7d20f3709001b8f"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#127713): https://lists.openembedded.org/g/openembedded-devel/message/127713 Mute This Topic: https://lists.openembedded.org/mt/119954850/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
