[CLSA-2026:1778843906] nginx: Fix of CVE-2026-42945
Type:
security
Severity:
Important
Release date:
2026-05-15 11:18:33 UTC
Description:
- CVE-2026-42945: fix heap buffer overflow in ngx_http_rewrite_module when an unnamed PCRE capture group with '?' in the replacement is followed by another rewrite, if, or set directive; clear stale is_args flag in regex end code to prevent buffer overrun and possible worker crash or code execution
Updated packages:
  • nginx-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.x86_64.rpm
    sha:023dd0b53fd2fb3a8c931e98c468e2a88b6877b91a115bbe1b79be11edef30c3
  • nginx-all-modules-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.noarch.rpm
    sha:e7b4853a891ba0a4c7c7d841f1822f3d7b12155252576a85eaa7fe08dbf35ecd
  • nginx-core-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.x86_64.rpm
    sha:9f571baf2ac7480c1d305ac3f23751be01fa45b223d5b9ef23e5be22257702fb
  • nginx-filesystem-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.noarch.rpm
    sha:b68b07c45c76e89f49dd642f41ca6dfb4320ee76af50d29037fc5d01778c12a3
  • nginx-mod-devel-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.x86_64.rpm
    sha:6df9b148016651f0ed55f122b8ea1b85bc061aa83e11b6ced5d5f68111efc4a7
  • nginx-mod-http-image-filter-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.x86_64.rpm
    sha:1c57e7e744219fa57d88bb8efec58f2758585d1ba03774df1b6a07654cfe49cc
  • nginx-mod-http-perl-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.x86_64.rpm
    sha:6f449a68727dc1ec8b8c49b4a14c85d0280749e3b6291760fabf4a29b2422f66
  • nginx-mod-http-xslt-filter-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.x86_64.rpm
    sha:f0c2c8f83b3002a377b35444e26538eb00698ccac0a794d204cca0c59a690aab
  • nginx-mod-mail-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.x86_64.rpm
    sha:4d4006bffac8904062a0b1ba88aac088ae10c3630098efa3e7584ee092383f67
  • nginx-mod-stream-1.20.1-14.el9_2.1.alma.1.tuxcare.els8.x86_64.rpm
    sha:05c7c4637f45e40524f035a904f5869de5f37d14e7dd9270d0e939c414f11fe8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.