[ALSA-2026:38847] Important: nginx:1.24 security, bug fix, and enhancement update
Type:
security
Severity:
important
Release date:
2026-07-14
Description:
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): * nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers (CVE-2026-42055) Bug Fix(es) and Enhancement(s): * "HTTP/2 bomb" nginx fix breaks module ABI causing crashes [almalinux-8.10.z] (JIRA:AlmaLinux-191779) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 nginx-mod-devel-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.aarch64.rpm 1c42519d3e724b163caf038f94f3e48b461592f09eeb1f323e48e518429a771b
aarch64 nginx-mod-stream-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.aarch64.rpm 25655530aee54928a0afa1e7333bf85f50c630ba22e49e6a17c07313011f2c6b
aarch64 nginx-mod-http-xslt-filter-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.aarch64.rpm 59c70ed5472992068cf91f3a2af9a66f0830f6e0456032d6e6d87ed6ae4f7321
aarch64 nginx-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.aarch64.rpm 759012b40ed790b1cea366432407a7c9ca499a2f99e0bb6dfbcef155b80236e9
aarch64 nginx-mod-http-image-filter-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.aarch64.rpm 8f0fe0451ed5eb887520312ccdf5c57843195a98dc74a505398337165aa8ec98
aarch64 nginx-mod-mail-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.aarch64.rpm e394b96aec61f6741d69f2c4419b78b527c40593b5d0ebe7c6e702ab062f4a82
aarch64 nginx-mod-http-perl-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.aarch64.rpm e91405180c7b798c059977b335e48ccff550cd4bee4f91efefc7536aa3da4678
noarch nginx-filesystem-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.noarch.rpm c564a3cccb2208c0b657b5c212804320ca8226b7bd189c3a7c078164b8023573
noarch nginx-all-modules-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.noarch.rpm c8ec5792c88cf994eaf06de5de2ac76306198ced41fbc4b71b6edd565ebbb3c8
ppc64le nginx-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.ppc64le.rpm 26fc593cba6394f73ec492b4636eb2a9c1a7ba63c166fda2a4869b6e4b241aa1
ppc64le nginx-mod-mail-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.ppc64le.rpm 2a8dfaf21c08e131b9892c13a64e017a446c9fc765dce1b014de410a8a0754cc
ppc64le nginx-mod-http-xslt-filter-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.ppc64le.rpm 3afa3cc5af05551b0f0c637030e7b0679a5d6365d47c1ff738395624903d1630
ppc64le nginx-mod-stream-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.ppc64le.rpm 4149e69d69d2311f7a81d39ee8c36674d16cff045ed4302dfff5ebb15015bd4f
ppc64le nginx-mod-devel-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.ppc64le.rpm 8eda4e7504debe8b69ec0cdc32e65f08e476ae613bc61107ef7718253a65a3a9
ppc64le nginx-mod-http-image-filter-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.ppc64le.rpm a7ae97e8a9214b96e2a0b4d63e6f0a7ab714274c5f1a81e44eac362e5a625870
ppc64le nginx-mod-http-perl-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.ppc64le.rpm f99e0d71e47004527f89b5346081c828a1fda7731d2780fdec098e080f3d8bdf
s390x nginx-mod-mail-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.s390x.rpm 0360eed55deb9e9ec04d654d345074fe4840ddade7c8974e0e00a2126649568e
s390x nginx-mod-stream-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.s390x.rpm 33cadb907da6cad433d557d945fb1ba91474066ea8a29d7f6fb8d10bf82f2e1c
s390x nginx-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.s390x.rpm 3564635de8e7c0b5eb1c1bb777ae9946370ab66e3b6357f6a8bee2006d52a306
s390x nginx-mod-http-xslt-filter-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.s390x.rpm 6ea901354e4edef39dbf2fb535d5558f59fd1e3b9baf5f157f4378f92a48b94a
s390x nginx-mod-http-image-filter-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.s390x.rpm 782bd4883d4f7aace62940efb1ed38952fc0364d0b6bcfdfe9d0990e2d898a67
s390x nginx-mod-devel-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.s390x.rpm a1c382fd1828ec38ac29c41bddf515289fc099c989f4d7405f089b512e57d3ba
s390x nginx-mod-http-perl-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.s390x.rpm f83bb3768648a87fec8bd0e46618d38dc7749e8f348270ba285cfd027721116b
x86_64 nginx-mod-http-perl-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.x86_64.rpm 0607ea9f567e899657cf4b75cc55ba190709c8d3eabe55fe586ebd8adbfc732b
x86_64 nginx-mod-http-xslt-filter-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.x86_64.rpm 3dfa248d9677e1cb8571269ef6503cef632784ce4017a95c2b733fe38ebf3d44
x86_64 nginx-mod-http-image-filter-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.x86_64.rpm 8732039527f12b8fabfe0023ec2945f8daaffda43ec29424d82c54e8cfabee8c
x86_64 nginx-mod-mail-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.x86_64.rpm a026e674d59ba22fbca5a2406362258fe75cf06d0742ecae2f661d123a50eb8d
x86_64 nginx-mod-devel-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.x86_64.rpm a92b505c10e1760b430fd099a56e90423f5960283ccdfc871a006f8feac66f81
x86_64 nginx-mod-stream-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.x86_64.rpm a952976e5a08c5a0025df41efce4aac25e1ced238bbd177f5300e3816cecaf41
x86_64 nginx-1.24.0-3.module_el8.10.0+4215+c88f2fa5.3.alma.1.x86_64.rpm e09547d6aca15c38ebcad6a2d48562e656b6714d3d8ec5d7cfa97f5838365e20
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.