diff mbox series

[meta-webserver,3/5] nginx: upgrade 1.30.0 -> 1.30.1

Message ID 20260521223623.1335832-3-ankur.tyagi85@gmail.com
State Accepted
Headers show
Series [meta-python,1/5] python3-django: upgrade 5.2.13 -> 5.2.14 | expand

Commit Message

Ankur Tyagi May 21, 2026, 10:36 p.m. UTC 
From: Ankur Tyagi <ankur.tyagi85@gmail.com>

Changes with nginx 1.30.1

*) Security: when using the "proxy_set_body" directive, an attacker
   might inject data in the proxied request to an HTTP/2 backend
   (CVE-2026-42926).
*) Security: a heap memory buffer overflow might occur in a worker
   process while handling a specially crafted request by
   ngx_http_rewrite_module, potentially resulting in arbitrary code
   execution (CVE-2026-42945).
*) Security: a heap memory buffer overread might occur in a worker
   process while handling a specially crafted response by
   ngx_http_scgi_module or ngx_http_uwsgi_module, allowing an attacker
   to cause a disclosure of worker process memory or segmentation fault
   in a worker process (CVE-2026-42946).
*) Security: a heap memory buffer overread might occur in a worker
   process while handling a specially sent response with decoding from
   UTF-8 via the "charset_map" directive, allowing an attacker to cause
   a limited disclosure of worker proccess memory or segmentation fault
   in a worker process (CVE-2026-42934).
*) Security: when using HTTP/3, processing of connection migration might
   cause new QUIC streams to receive a new client address before
   validation, allowing an attacker to cause address spoofing
   (CVE-2026-40460).
*) Security: use-after-free might occur during DNS server response
   processing if the "ssl_ocsp" directive was used, allowing an attacker
   to cause worker process memory corruption or segmentation fault in a
   worker process (CVE-2026-40701).
*) Bugfix: connections with HTTP/2 backends might not be cached when
   using the "proxy_set_body" or "proxy_pass_request_body" directives.
*) Bugfix: proxied HTTP/0.9, SCGI, or uWSGI responses might be
   transferred incorrectly if the first line was not fully read.

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
 .../recipes-httpd/nginx/{nginx_1.30.0.bb => nginx_1.30.1.bb}    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-webserver/recipes-httpd/nginx/{nginx_1.30.0.bb => nginx_1.30.1.bb} (51%)
diff mbox series

Patch

diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.30.0.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.30.1.bb
similarity index 51%
rename from meta-webserver/recipes-httpd/nginx/nginx_1.30.0.bb
rename to meta-webserver/recipes-httpd/nginx/nginx_1.30.1.bb
index 139fe24dcd..f774979f89 100644
--- a/meta-webserver/recipes-httpd/nginx/nginx_1.30.0.bb
+++ b/meta-webserver/recipes-httpd/nginx/nginx_1.30.1.bb
@@ -2,5 +2,5 @@  require nginx.inc
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=79da1c70d587d3a199af9255ad393f99"
 
-SRC_URI[sha256sum] = "058188c64bf22baecaa72b809a6318a4f9ba623889c554feab03f7cb853ab31b"
+SRC_URI[sha256sum] = "99765000d974896b31ca5882d8c279ce3fe7ef6f5c6f9f0a967ed7fd3407f9cc"