Описание
ELSA-2026-4235: nginx:1.26 security update (MODERATE)
[2:1.26.3-2.0.1]
- Require oracle-indexhtml
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
Module nginx:1.26 is enabled
nginx
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-all-modules
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-core
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-filesystem
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-devel
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-http-image-filter
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-http-perl
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-http-xslt-filter
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-mail
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-stream
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
Oracle Linux x86_64
Module nginx:1.26 is enabled
nginx
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-all-modules
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-core
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-filesystem
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-devel
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-http-image-filter
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-http-perl
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-http-xslt-filter
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-mail
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
nginx-mod-stream
1.26.3-2.0.1.module+el9.7.0+90839+78c19072
Связанные CVE
Связанные уязвимости
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
A vulnerability exists in NGINX OSS and NGINX Plus when configured to ...
