Hi everyone, I have looked carefully at the Debian patch, and I believe it is the right approach to handle this gracefully, so I have went ahead and prepared new updates that reintroduce a fix for CVE-2026-49975 and have uploaded them to the security team PPA here:
https://launchpad.net/~ubuntu-security- proposed/+archive/ubuntu/ppa/+packages Could you please give them a try in your environment and comment here? I believe I have tested them accurately to make sure they don't introduce a regression again, but due to the large number of third party modules available, I'd rather be on the safe side and would appreciate feedback. Thanks! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2155992 Title: headers-more dynamic module crash | Signal 11 and 6 Crashes due to ABI breakage on 1.24.0-2ubuntu7.10 and 1.28.3-2ubuntu1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2155992/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
