ALSA-2026:7002

[ALSA-2026:7002] Important: nginx security update

Type:

security

Severity:

important

Release date:

2026-04-15

Description:

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.   

Security Fix(es):  

  * nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)
  * NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)
  * NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)
  * NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	nginx-mod-devel-1.20.1-24.el9_7.2.alma.1.aarch64.rpm	19c1a6ab2afd1730b8f6092f453f79177770b820aeead3e925adc9df95d8a949
aarch64	nginx-core-1.20.1-24.el9_7.2.alma.1.aarch64.rpm	2dcdf7e83b11c6a4062abb37c9b3c6f7e2aca6435a83278e01cb2193ac633d03
aarch64	nginx-mod-http-perl-1.20.1-24.el9_7.2.alma.1.aarch64.rpm	37d5c260b4f58b39af1da6b38bdae09f247c83715b4d736956052af0d9c55ed3
aarch64	nginx-1.20.1-24.el9_7.2.alma.1.aarch64.rpm	40f08d46cd599e9a4cae5c5942f502838b391102a21b6e286e00306fd9ad0170
aarch64	nginx-mod-http-xslt-filter-1.20.1-24.el9_7.2.alma.1.aarch64.rpm	5099f72649b287a50e838beae01613aafa796b214dfd2a01dc05068418bf9463
aarch64	nginx-mod-stream-1.20.1-24.el9_7.2.alma.1.aarch64.rpm	6ccc3d504e612033a7b9d811d93d54d8c2c59e1c0b64d6ed98b6b4df4cf03f1e
aarch64	nginx-mod-http-image-filter-1.20.1-24.el9_7.2.alma.1.aarch64.rpm	b7efa354b60b0d7af25268153851fada24c8ef865e2c0c46287d16875117ee5f
aarch64	nginx-mod-mail-1.20.1-24.el9_7.2.alma.1.aarch64.rpm	ea198e40dacd1db9cf67b72374708aa5b755ace4584ba78c2547677d4be65636
noarch	nginx-filesystem-1.20.1-24.el9_7.2.alma.1.noarch.rpm	277879fa5db7744b71ccc6211c52813232a7f193f9a4170810dd06f48de4433c
noarch	nginx-all-modules-1.20.1-24.el9_7.2.alma.1.noarch.rpm	ad5e29e77afa744fc5598b84076ae5e965f895cd4a29cabfb09c94e1bfa3a033
ppc64le	nginx-mod-stream-1.20.1-24.el9_7.2.alma.1.ppc64le.rpm	444ca650bbd4eb11701ecfa4200270053e50cbcf178c272822a2212a7cdc3c9b
ppc64le	nginx-mod-devel-1.20.1-24.el9_7.2.alma.1.ppc64le.rpm	455305f79eb38d1c89adf9b0542e1c08d615463905b022047574a299f3204190
ppc64le	nginx-core-1.20.1-24.el9_7.2.alma.1.ppc64le.rpm	6e7b21e49ca083057bcf900e43d439a28ce36a8314e7a242ac860b59897af87b
ppc64le	nginx-1.20.1-24.el9_7.2.alma.1.ppc64le.rpm	752f205a20c4051703e988dc0dc26dc0eccfc56308be8023b144885f3c77ccf8
ppc64le	nginx-mod-http-image-filter-1.20.1-24.el9_7.2.alma.1.ppc64le.rpm	85d62f241c16e7fb9465b08acd5c1d0ab6954048ff82dab92363f5adb89ffb33
ppc64le	nginx-mod-mail-1.20.1-24.el9_7.2.alma.1.ppc64le.rpm	c99e2b9fc6534d88f02076dbceef456321ad02fe26b2961e4b07d08a0b5c3d5a
ppc64le	nginx-mod-http-perl-1.20.1-24.el9_7.2.alma.1.ppc64le.rpm	ddd2ec54808012c98467abff61fce5e9aaa02e72f84f501de0caa20f9d9a653b
ppc64le	nginx-mod-http-xslt-filter-1.20.1-24.el9_7.2.alma.1.ppc64le.rpm	eabb010b7f45404a946a000ebaa4a02ae33e35dfbee41ee8e247c01fba5c7861
s390x	nginx-mod-devel-1.20.1-24.el9_7.2.alma.1.s390x.rpm	025f8b5c805b4e3da98aea690280a5ff9b0c2f89aa48712a9e892d9a236d331e
s390x	nginx-mod-mail-1.20.1-24.el9_7.2.alma.1.s390x.rpm	48c5c1f5a1428492f87dc327a4c394ffd8a3bf1e6433d5208f5a63e7c05d5f7d
s390x	nginx-mod-http-xslt-filter-1.20.1-24.el9_7.2.alma.1.s390x.rpm	5478ed0ff2f61a7181b431238e754b95f3e691cff920524d3fb8f2ab03e7368e
s390x	nginx-mod-stream-1.20.1-24.el9_7.2.alma.1.s390x.rpm	6eac28e23254cc0e02ca134d8c0670576b2b1e022f2acc711dd56b93deb62a9d
s390x	nginx-core-1.20.1-24.el9_7.2.alma.1.s390x.rpm	956d1c3352d8319f6db4e3c60f67c3439134796adccab9b382ea4711ed228979
s390x	nginx-mod-http-image-filter-1.20.1-24.el9_7.2.alma.1.s390x.rpm	aeaee9767991b3faec3e39c53d8ba40c630a7325f9d7cc652007e8cc666ee714
s390x	nginx-1.20.1-24.el9_7.2.alma.1.s390x.rpm	dfd79fc74742300377ebbe838b3b7698a2e8862465ead702c531fa512b50823c
s390x	nginx-mod-http-perl-1.20.1-24.el9_7.2.alma.1.s390x.rpm	e573ade34b4e66d391766d104d478e6e45c6147e7e2efc94f390619f40c7d7b1
x86_64	nginx-mod-devel-1.20.1-24.el9_7.2.alma.1.x86_64.rpm	2ab2ea2196a883a85ffe63e364acca29819e66d98f977d13fff043689523b1f8
x86_64	nginx-1.20.1-24.el9_7.2.alma.1.x86_64.rpm	38f6ae095d99efe17567251284d2f0556f5a2a6ee9e252bc043bc853fa37d74e
x86_64	nginx-mod-http-xslt-filter-1.20.1-24.el9_7.2.alma.1.x86_64.rpm	6cc334e23b09ebeb69df9984c919e84a2679a31d54dc16c00b67d24a2fbcb110
x86_64	nginx-core-1.20.1-24.el9_7.2.alma.1.x86_64.rpm	7d62ba8e21ea85911c38d2f29bad815b3302879bce788a45737db630844e144b
x86_64	nginx-mod-http-image-filter-1.20.1-24.el9_7.2.alma.1.x86_64.rpm	93bca3ef4d56e8dfb1afa42e2e37856dfd06f9cb288674e307ade3e6c98ff8f5
x86_64	nginx-mod-stream-1.20.1-24.el9_7.2.alma.1.x86_64.rpm	99b80122b573269b9eca307b347bf0b9f7699610a8e1ef0148c22adcfea154ed
x86_64	nginx-mod-http-perl-1.20.1-24.el9_7.2.alma.1.x86_64.rpm	aa022034e58987f0d51c4efa765f98c429e323df584e468933dede3cd4de5315
x86_64	nginx-mod-mail-1.20.1-24.el9_7.2.alma.1.x86_64.rpm	b656356a563b3f58b792fb8591288ec45aabdffa2251a3aafcf19b8d88187d3e

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.