Release date:
2026-07-10 15:16:09 UTC
Description:
- fix CVE-2026-42055: HPACK field-length validation in HTTP/2 gRPC request
builder and HTTP/2 response header filter; fields exceeding
NGX_HTTP_V2_MAX_FIELD now return NGX_ERROR instead of overflowing the
4-byte HPACK length prefix
Updated packages:
-
nginx-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.x86_64.rpm
sha:46a13629d1d5c10ec5accd6fc62cfb103ebba5b140174556471ee49e2f0669ca
-
nginx-all-modules-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.noarch.rpm
sha:851503a458f1ae30c59ef06c794033c1ff6f38f97a3969ede8d701585f31d02e
-
nginx-core-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.x86_64.rpm
sha:51fd863d7100c60107b3a6a8add29f05004240da800d6e9bdd1200c988f254be
-
nginx-filesystem-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.noarch.rpm
sha:ab25e80d33c329e27fa89e4b4bb54eecdde6ace1271eb7d4a14acac946c88248
-
nginx-mod-devel-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.x86_64.rpm
sha:ee72985c777fddc72f3a5110ccf3aa0a0d4bd0479ae1d59f0c6196cac55aa687
-
nginx-mod-http-image-filter-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.x86_64.rpm
sha:ba56804da16c36f1f29f6b980cb829e7eead0d98afe4b2b4e4cc3cd1c3196e7b
-
nginx-mod-http-perl-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.x86_64.rpm
sha:1e6eb680b62b37357beb6b3c235785aac2ca0024780cfc74ccb218b830ef38d6
-
nginx-mod-http-xslt-filter-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.x86_64.rpm
sha:039ca883bd25ad9f4b91ab3df6a0d417e1a3ea24b0dac733d894d0439cb7088b
-
nginx-mod-mail-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.x86_64.rpm
sha:82b081694672b8c949c268e2b7010d024a31a04c26ba2dc745dabb45a30efc57
-
nginx-mod-stream-1.20.1-14.el9_2.1.alma.1.tuxcare.els10.x86_64.rpm
sha:8347fd502e00dabcac9d2e4d40a72809f6a1fbe738c773cbe28cfad10e21c00c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.