ALSA-2026:18029

[ALSA-2026:18029] Critical: nginx security update

Type:

security

Severity:

critical

Release date:

2026-05-18

Description:

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.   

Security Fix(es):  

  * nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	nginx-mod-devel-1.20.1-24.el9_7.3.alma.1.aarch64.rpm	00d8a3bb6feb6214d51b59951708fc1ef1971b375ef80a2e2680f3c6928c6798
aarch64	nginx-mod-stream-1.20.1-24.el9_7.3.alma.1.aarch64.rpm	0add12b5a004b643972480188fd66e034e26cc9e78abb666cde3bcc0edfc4e06
aarch64	nginx-core-1.20.1-24.el9_7.3.alma.1.aarch64.rpm	250a326e343b9ff69b90fb18a5a00a37f3a90cbc57b00130cf1042e794d856a8
aarch64	nginx-mod-http-perl-1.20.1-24.el9_7.3.alma.1.aarch64.rpm	9fef717039e81effedae644e0ed141d5d1a170f6b9c6ef29adbd398b7a27afbf
aarch64	nginx-mod-http-image-filter-1.20.1-24.el9_7.3.alma.1.aarch64.rpm	b1a45aaeebcc734a5d410e1a1f1f5ba7566e3d38682d663906a8550b99719da4
aarch64	nginx-1.20.1-24.el9_7.3.alma.1.aarch64.rpm	b9d531c13eb1121df580208f419e8205e2b62c7553b2a044f669d1746dca4a07
aarch64	nginx-mod-http-xslt-filter-1.20.1-24.el9_7.3.alma.1.aarch64.rpm	bfa96f9c5c746b85e444d9d3ee8667c2d709d31c27adffe754de2a04536e20c0
aarch64	nginx-mod-mail-1.20.1-24.el9_7.3.alma.1.aarch64.rpm	de167d557ba7370958c4bcc3fadb3cec76a8e34c4599607c9382c07e26f12c81
noarch	nginx-all-modules-1.20.1-24.el9_7.3.alma.1.noarch.rpm	38a4515e74d4728c24577c55b05d5c004de5e25004dde1febcad35a0973da542
noarch	nginx-filesystem-1.20.1-24.el9_7.3.alma.1.noarch.rpm	60a03a3eb1b58355a1274749d9d3db9e8fc70ce84b93a1d5f13e67a8ccfe86bc
ppc64le	nginx-1.20.1-24.el9_7.3.alma.1.ppc64le.rpm	0617fe9cbdea9cba6ee74c86b6345336ddeef7f2d0e2cf6e4d789677a115b140
ppc64le	nginx-mod-mail-1.20.1-24.el9_7.3.alma.1.ppc64le.rpm	38ab76e75881bc728acd3f0d4eb8b8d0d90548127f021552101a94953a3a2c17
ppc64le	nginx-mod-stream-1.20.1-24.el9_7.3.alma.1.ppc64le.rpm	3c508423316bb2ec8f198cf970e16a6dce5703a38f157706121c8c9a71cff645
ppc64le	nginx-mod-http-xslt-filter-1.20.1-24.el9_7.3.alma.1.ppc64le.rpm	8d1d320b251caf00750439999d4ad5d77e8835837967ff690d3ec08a74d5f68e
ppc64le	nginx-mod-http-image-filter-1.20.1-24.el9_7.3.alma.1.ppc64le.rpm	96deb6400d367da15ee0030dd79775f884db02e4da593510667b8384db99ab63
ppc64le	nginx-mod-devel-1.20.1-24.el9_7.3.alma.1.ppc64le.rpm	c10e9bbaf8a7fec93ad11fbfecb651b981bb57039743ef69f2ae81f4e3912fdb
ppc64le	nginx-mod-http-perl-1.20.1-24.el9_7.3.alma.1.ppc64le.rpm	c62920be873452a2de9886486de3000296a6a7678e241e4f490bdb67caf8a96d
ppc64le	nginx-core-1.20.1-24.el9_7.3.alma.1.ppc64le.rpm	ea5197bbd35bbd03d65e2057068df513bb37fe9b85765c3e395e565a7b071682
s390x	nginx-mod-devel-1.20.1-24.el9_7.3.alma.1.s390x.rpm	109ff63561b23dfaf15aa8eb468adfe73547ad5742a1497cffaef2a42e3e341d
s390x	nginx-mod-http-xslt-filter-1.20.1-24.el9_7.3.alma.1.s390x.rpm	1ea71ddaae1266f9e81dbfa5b3e976ec34aa15ce4508adf471db6c708d552944
s390x	nginx-mod-http-image-filter-1.20.1-24.el9_7.3.alma.1.s390x.rpm	57baf1a7ee8c58e07d7a8ef1a3bc2159fe8124811481c546234d1e998abe5348
s390x	nginx-mod-mail-1.20.1-24.el9_7.3.alma.1.s390x.rpm	60108489f02a72b03eae034068a5646e0826535ecca424b104a2d514ae23189c
s390x	nginx-1.20.1-24.el9_7.3.alma.1.s390x.rpm	661b9ad018a2bb6bd19f5f93a5f78c877766cac2e324060b693a57228b3671d8
s390x	nginx-core-1.20.1-24.el9_7.3.alma.1.s390x.rpm	773e945a5b579b9416c6afb5a73066fd5eb40863c9b8664a149c5cc581b4715a
s390x	nginx-mod-http-perl-1.20.1-24.el9_7.3.alma.1.s390x.rpm	886b6aadc29a1a48582903da41da3feede4c2cb40ce7f98863086a0503e94960
x86_64	nginx-mod-http-image-filter-1.20.1-24.el9_7.3.alma.1.x86_64.rpm	2b96028a56e25d82a310d6a3a38324828d9a4502ad52acff5b9616b91a9f6bff
x86_64	nginx-mod-http-xslt-filter-1.20.1-24.el9_7.3.alma.1.x86_64.rpm	56ee0e934acd0eb12b40996be212530394b17300efc3a6c4ea6f52ccf8acd37d
x86_64	nginx-mod-devel-1.20.1-24.el9_7.3.alma.1.x86_64.rpm	5d8a0530bcda8762197ba8686b7673a0ad76eaa0f5869357e76afe1c0ce7e135
x86_64	nginx-core-1.20.1-24.el9_7.3.alma.1.x86_64.rpm	7314bf0167e13cb5d34f779efc7d1dda6a9550f32069ecb93eead1a2b03d1f12
x86_64	nginx-mod-mail-1.20.1-24.el9_7.3.alma.1.x86_64.rpm	8606fe1e4eaa7b141db220f5f8889b0f04985dac5a2598589f77aed9064ca318
x86_64	nginx-1.20.1-24.el9_7.3.alma.1.x86_64.rpm	98f6fd4e0a740709718da33df5ac25918d644693d5a179eecee12b660e0d7185
x86_64	nginx-mod-http-perl-1.20.1-24.el9_7.3.alma.1.x86_64.rpm	f2767b0ce7a9d485da61adb2ed16a68870df22c87333a498749faf6dbe462f19

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.