[Apollo] Advisories Statistics light light Login

RLSA-2026:6907

Security Mirrored from RHSA-2026:6907
Issued at: 2026-04-09
Updated at: 2026-04-10

Synopsis

Important: nginx:1.24 security update



Description

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

Security Fix(es):

* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)

* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)

* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)

* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2449598 2450776 2450785 2450791

CVEs

CVE-2026-27651 CVE-2026-27654 CVE-2026-27784 CVE-2026-32647

Affected packages

Rocky Linux 8 aarch64 - AppStream

nginx-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-1:1.24.0-3.module+el8.10.0+40144+38158758.src.rpm nginx-all-modules-1:1.24.0-3.module+el8.10.0+40144+38158758.noarch.rpm nginx-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-debugsource-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-filesystem-1:1.24.0-3.module+el8.10.0+40144+38158758.noarch.rpm nginx-mod-devel-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-mail-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-stream-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

nginx-1:1.24.0-3.module+el8.10.0+40144+38158758.src.rpm nginx-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-all-modules-1:1.24.0-3.module+el8.10.0+40144+38158758.noarch.rpm nginx-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-debugsource-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-filesystem-1:1.24.0-3.module+el8.10.0+40144+38158758.noarch.rpm nginx-mod-devel-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-http-image-filter-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-http-image-filter-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-http-perl-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-http-perl-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-http-xslt-filter-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-http-xslt-filter-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-mail-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-mail-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-stream-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm nginx-mod-stream-debuginfo-1:1.24.0-3.module+el8.10.0+40144+38158758.x86_64.rpm