[ALSA-2026:7343] Important: nginx:1.26 security update
Type:
security
Severity:
important
Release date:
2026-04-15
Description:
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): * nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647) * NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654) * NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784) * NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 nginx-mod-http-xslt-filter-1.26.3-2.module_el9.7.0+223+9cd7031b.1.aarch64.rpm 227078fa33e7a82f03a2827001bcadcfe63f8a2f7ea2a8c5891ef51db7dec860
aarch64 nginx-mod-http-perl-1.26.3-2.module_el9.7.0+223+9cd7031b.1.aarch64.rpm 24547ba5ed9c4f47a8374b3036048970ffad523b46f4ba91c837eafa59c3e66e
aarch64 nginx-mod-stream-1.26.3-2.module_el9.7.0+223+9cd7031b.1.aarch64.rpm 5e144102da8c3d8e784fa94777812aa60a2eba78b1ce801a624b1d55b09d53a1
aarch64 nginx-mod-http-image-filter-1.26.3-2.module_el9.7.0+223+9cd7031b.1.aarch64.rpm 64ddb1e0769e2b85ae95ebcc72a1a23f3ea5c095c8c2cf594ddf530b75fb2c45
aarch64 nginx-mod-devel-1.26.3-2.module_el9.7.0+223+9cd7031b.1.aarch64.rpm 90bae2b1eb8f0fcd560acc05d3cc8e116c81c66e42a6ec983fe77bf9d060e317
aarch64 nginx-1.26.3-2.module_el9.7.0+223+9cd7031b.1.aarch64.rpm 944ac917d7c46f6b339150bd9ed840361705bc03107e1e4fc78b187d8afca3ca
aarch64 nginx-mod-mail-1.26.3-2.module_el9.7.0+223+9cd7031b.1.aarch64.rpm 9d3262181b2d19e19894d1e1123f12d237c777347e4e2c9883d019006ab7f7e8
aarch64 nginx-core-1.26.3-2.module_el9.7.0+223+9cd7031b.1.aarch64.rpm a13174b261d810127549c6e0fe00406267c2bb79ac5b57c3ceb4c6e4d167d7c2
noarch nginx-all-modules-1.26.3-2.module_el9.7.0+223+9cd7031b.1.noarch.rpm 8625be1bb61ff199185d32d10533f2c6becc0bd595d4c9e5b89698cf231f92f3
noarch nginx-filesystem-1.26.3-2.module_el9.7.0+223+9cd7031b.1.noarch.rpm f700a99a7d3c141ce36c826a6f190696bca3ca5f2cd132a61ef28dc660424e96
ppc64le nginx-core-1.26.3-2.module_el9.7.0+223+9cd7031b.1.ppc64le.rpm 20624002da179496be2bf674cdb7c3474f991b3c493c6c21723f232fb899f29d
ppc64le nginx-mod-devel-1.26.3-2.module_el9.7.0+223+9cd7031b.1.ppc64le.rpm 27bb830e0eb43050dc88ef7f160d06504d91563fe3b36a0576f9646e1f616cef
ppc64le nginx-mod-http-perl-1.26.3-2.module_el9.7.0+223+9cd7031b.1.ppc64le.rpm 7f524d2c402764ce9572392f4ba59f44b2e633c3cca27c72e0371e7b2b2eedb9
ppc64le nginx-mod-http-xslt-filter-1.26.3-2.module_el9.7.0+223+9cd7031b.1.ppc64le.rpm 82716911de6c8c37b2acfed0ddc1b6e9ba64ece1f66f20a448289e60b2709e39
ppc64le nginx-mod-mail-1.26.3-2.module_el9.7.0+223+9cd7031b.1.ppc64le.rpm 8769429abb5bd37f4a1a3ada07fb810be61a925c0705626a5df358b1af551285
ppc64le nginx-mod-stream-1.26.3-2.module_el9.7.0+223+9cd7031b.1.ppc64le.rpm d3cf80043d3c5e919260af34a1ce02c51ec51441efdf0ae5e481699ede7040b9
ppc64le nginx-mod-http-image-filter-1.26.3-2.module_el9.7.0+223+9cd7031b.1.ppc64le.rpm db684c24556e27b3fb883a5471f0979c1d783f4664a3cbf732e554efbfbce06e
ppc64le nginx-1.26.3-2.module_el9.7.0+223+9cd7031b.1.ppc64le.rpm ec4ea5e073880a7ffff259843dfee4e49d44bc6fd3430b5b19ff3dc37be74228
s390x nginx-mod-http-perl-1.26.3-2.module_el9.7.0+223+9cd7031b.1.s390x.rpm 0034f246d34c086bce45c1883d3f21391976a6595bce52c1cf79cea8d2cccb58
s390x nginx-core-1.26.3-2.module_el9.7.0+223+9cd7031b.1.s390x.rpm 211ad2dc4ae9fc280c35ebff3f24fcc55fad108a87a6b1d7a337b783795fc5fc
s390x nginx-mod-http-xslt-filter-1.26.3-2.module_el9.7.0+223+9cd7031b.1.s390x.rpm 571f256562caa9bc1d52c5dd71b24beaa1e331b111c5e0d07e9f2aac3026f142
s390x nginx-mod-stream-1.26.3-2.module_el9.7.0+223+9cd7031b.1.s390x.rpm 84be6c2865258e7d20478b6542acf3a9f4f86532f42428392071e5b948146b58
s390x nginx-mod-mail-1.26.3-2.module_el9.7.0+223+9cd7031b.1.s390x.rpm bdc98c0c4d48bf0a062818fb138602a311b1daf41bfe2cd669d2d788f76a3ba9
s390x nginx-1.26.3-2.module_el9.7.0+223+9cd7031b.1.s390x.rpm c8675fd9142844529e2800724479bb59188df8cbeae2ecd73df45f3f09066987
s390x nginx-mod-http-image-filter-1.26.3-2.module_el9.7.0+223+9cd7031b.1.s390x.rpm e2ee05d5f108bf4d4ef5d529b1ea65bb06e97fbde4a42a0521158176101ee3b1
s390x nginx-mod-devel-1.26.3-2.module_el9.7.0+223+9cd7031b.1.s390x.rpm f3531a5277dddccca2574e70cfb39a8ac08abb4269418da44df2182790ba0ab0
x86_64 nginx-1.26.3-2.module_el9.7.0+223+9cd7031b.1.x86_64.rpm 0b8b106ba69140fb852ae61be1ed36476edf99cb7561a9ed14c99ed92f4e9d0b
x86_64 nginx-mod-http-image-filter-1.26.3-2.module_el9.7.0+223+9cd7031b.1.x86_64.rpm 21880dd5540cfd8a73f197d952fd32398578185afe3dbe9ebd4ccf9c6077fdcd
x86_64 nginx-mod-stream-1.26.3-2.module_el9.7.0+223+9cd7031b.1.x86_64.rpm 43f57a226dea643aba0e69600f18115aafd3e0adb2e264f4fe4bd22c2a449409
x86_64 nginx-mod-http-perl-1.26.3-2.module_el9.7.0+223+9cd7031b.1.x86_64.rpm 77e4154032478afc436a2908f6bebdea97646111cd6ddca3ac354ad965e3551d
x86_64 nginx-mod-devel-1.26.3-2.module_el9.7.0+223+9cd7031b.1.x86_64.rpm 8de5a47f3985e5c42db3b090e6f8d36ebe14d56c01042af8692beb499a9b2988
x86_64 nginx-mod-mail-1.26.3-2.module_el9.7.0+223+9cd7031b.1.x86_64.rpm 93c09885adee8f172b1615a2a2e223ced58e181df596034a0e56efe19922a0e3
x86_64 nginx-core-1.26.3-2.module_el9.7.0+223+9cd7031b.1.x86_64.rpm 9eac5e7937588521586b0abb25bb5145533cdecb559cfb24a0a62baab595b986
x86_64 nginx-mod-http-xslt-filter-1.26.3-2.module_el9.7.0+223+9cd7031b.1.x86_64.rpm a5746d42ac38ae6d75b91f0b6ec9b5032b09e6c2ef21f5006adc1f34f6d52158
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.