ALSA-2025:7402

[ALSA-2025:7402] Moderate: nginx security update

Type:

security

Severity:

moderate

Release date:

2025-05-21

Description:

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.   

Security Fix(es):  

  * nginx: Memory corruption in the ngx_http_mp4_module (CVE-2022-41741)
  * nginx: Memory disclosure in the ngx_http_mp4_module (CVE-2022-41742)
  * nginx: specially crafted MP4 file may cause denial of service (CVE-2024-7347)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	nginx-mod-http-xslt-filter-1.20.1-22.el9_6.2.alma.1.aarch64.rpm	69561d0aa309538d747defebc921d4c0e8d817ff4adfbbd668a865b224cdfc94
aarch64	nginx-mod-http-image-filter-1.20.1-22.el9_6.2.alma.1.aarch64.rpm	6b40c59488cf548c3868117c27e6cc46203822fba70c1074484738391ce0532f
aarch64	nginx-1.20.1-22.el9_6.2.alma.1.aarch64.rpm	7215eeb0f1005026e1541926980f57fa023f9a9095bd66f04d088cf68412ae17
aarch64	nginx-mod-stream-1.20.1-22.el9_6.2.alma.1.aarch64.rpm	7f4b18080f755abd7d7b2ee78128841b87a8b04151bf2b5d80b37e0360b2ccf8
aarch64	nginx-mod-http-perl-1.20.1-22.el9_6.2.alma.1.aarch64.rpm	8968ecb520bb8f1c6fd31c0d821a1571de5578238660f5a34e85ce39aa09f897
aarch64	nginx-core-1.20.1-22.el9_6.2.alma.1.aarch64.rpm	9ce352e31ecad5a9b6551f4e0e8ed3f664ceb86f0b39b7596583ca288db27725
aarch64	nginx-mod-mail-1.20.1-22.el9_6.2.alma.1.aarch64.rpm	cc396642b69e078e21a00177bebcce5703f63fcbbea8edf803ff6dc57506c0f5
aarch64	nginx-mod-devel-1.20.1-22.el9_6.2.alma.1.aarch64.rpm	d6807bcabb6b611ca42ed491a097079e7b21080d18b68d2727f03da93555db14
noarch	nginx-all-modules-1.20.1-22.el9_6.2.alma.1.noarch.rpm	0a62efcf0ca9e93b6e836b834c53a731066049d98841218ddf7762b068764e90
noarch	nginx-filesystem-1.20.1-22.el9_6.2.alma.1.noarch.rpm	51eab6d828519b14e8288279e73102654443d8d4b2ee143de72af4d4ef4f0613
ppc64le	nginx-mod-http-image-filter-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm	32d638802568c65ffda2b3502c7ebab68431b2ab80ecf0b30cc377a4e9c40ae8
ppc64le	nginx-mod-http-xslt-filter-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm	51f038c65ccc3723f483d8705dd0fe4f88c91625674e41448728cbab9152de90
ppc64le	nginx-mod-mail-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm	54f2230e3545dee379ba683e3198accf0224fa14fe6b8200e28c567ac07e0db9
ppc64le	nginx-mod-stream-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm	7032e4681beb36715993c0845d59c0df7f09894bf4f89902318fdaa8992596c3
ppc64le	nginx-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm	7063e05f4807f117784f734dfaf80ab4639c699c274ae4a85077f0de841dd6ff
ppc64le	nginx-mod-devel-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm	882f7ca0dd90284694051f2dcf5d38aa2ab07e36738e83438e4d7344f3837770
ppc64le	nginx-core-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm	9ebd6e860177809806dc466683fa3dc66cbb71c390a77e26011e59420ce2a337
ppc64le	nginx-mod-http-perl-1.20.1-22.el9_6.2.alma.1.ppc64le.rpm	c20016064cf3b496d83631fd68b9891b91a6ab3f3c978a2bb5452ff1565412a5
s390x	nginx-mod-http-image-filter-1.20.1-22.el9_6.2.alma.1.s390x.rpm	28f485aa4893af4e680b2ce2eb64816cb4efe7d3b91d4c939e64672521d2327b
s390x	nginx-mod-http-xslt-filter-1.20.1-22.el9_6.2.alma.1.s390x.rpm	3769338c04546782fd62f202f6b48250d0d9fa6bd700706680ec33f013fd9c38
s390x	nginx-mod-http-perl-1.20.1-22.el9_6.2.alma.1.s390x.rpm	391fa4c6c4fc681f2fbb77c4e4a609eb6beebcf36af931c3b0044f459be50511
s390x	nginx-mod-stream-1.20.1-22.el9_6.2.alma.1.s390x.rpm	47a3cf923d67e3dbdcc2f87f67356c4038941b44d98805bed0865aea9827ba07
s390x	nginx-mod-mail-1.20.1-22.el9_6.2.alma.1.s390x.rpm	8911cd615279dd2eeb7c70fe87e623b70b390686acac76364d07069c52e51780
s390x	nginx-core-1.20.1-22.el9_6.2.alma.1.s390x.rpm	a72cdf02fa1afd2e8cbbe38bb296466bfac3db4d369070bf4467a0f7edb1adae
s390x	nginx-1.20.1-22.el9_6.2.alma.1.s390x.rpm	a92d34098840a7c31a770475c3425b38eb2f4af884d85c72dcb1d9af3a5cadbb
s390x	nginx-mod-devel-1.20.1-22.el9_6.2.alma.1.s390x.rpm	f118abca7b83767ac16647d95bbbeb516a93a1d7932ab39798a67ffd022b09b4
x86_64	nginx-mod-http-perl-1.20.1-22.el9_6.2.alma.1.x86_64.rpm	0708c4ade26b271ecfdc3f25c8bb395498eef1aa9b2a40e982b10bb1ff9e1751
x86_64	nginx-mod-stream-1.20.1-22.el9_6.2.alma.1.x86_64.rpm	1944034e4ac59e769e7828de81285cc6e30854bf1f2f8eb953a5363446da8277
x86_64	nginx-core-1.20.1-22.el9_6.2.alma.1.x86_64.rpm	5e5f89b5616bad6fa6752af1e39bfd65424bb9688e03a257274664a99e57b94c
x86_64	nginx-mod-mail-1.20.1-22.el9_6.2.alma.1.x86_64.rpm	870bbcb0e128aaac8890139857a4be1e325359ed3d7a30d8e9e02a9dd971122b
x86_64	nginx-mod-http-image-filter-1.20.1-22.el9_6.2.alma.1.x86_64.rpm	a13abe7204de6c41a6aacd8a651dc3b694c953acae8a659d4bdaf1170f593960
x86_64	nginx-mod-http-xslt-filter-1.20.1-22.el9_6.2.alma.1.x86_64.rpm	c1f3f693f722404cc1d12934b303064545bdbac40f25533c91d4d5dad956bbaf
x86_64	nginx-1.20.1-22.el9_6.2.alma.1.x86_64.rpm	db2dcf23189cde6e519760c72db69e54c680422c21a98327d2d1e873b2485e2d
x86_64	nginx-mod-devel-1.20.1-22.el9_6.2.alma.1.x86_64.rpm	e4400f7410335dbf531e9a874c06b7eec38032dd023dcc33fdb81932ab7114d5

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.