RLSA-2026:7343

Security

Mirrored from RHSA-2026:7343

Issued at: 2026-04-10

Updated at: 2026-04-10

Synopsis

Important: nginx:1.26 security update

Description

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.

Security Fix(es):

* nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files (CVE-2026-32647)

* NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module (CVE-2026-27654)

* NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file (CVE-2026-27784)

* NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled (CVE-2026-27651)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 9 aarch64

Rocky Linux 9 ppc64le

Rocky Linux 9 s390x

Rocky Linux 9 x86_64

Fixes

2449598

2450776

2450785

2450791

CVEs

CVE-2026-27651

CVE-2026-27654

CVE-2026-27784

CVE-2026-32647

Affected packages

Rocky Linux 9 aarch64 - AppStream

nginx-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.src.rpm

nginx-all-modules-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.noarch.rpm

nginx-core-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-debugsource-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-filesystem-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.noarch.rpm

nginx-mod-devel-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-mail-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-stream-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.aarch64.rpm

Rocky Linux 9 ppc64le - AppStream

nginx-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.src.rpm

nginx-all-modules-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.noarch.rpm

nginx-core-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-debugsource-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-filesystem-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.noarch.rpm

nginx-mod-devel-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-mail-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-stream-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.ppc64le.rpm

Rocky Linux 9 s390x - AppStream

nginx-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.src.rpm

nginx-all-modules-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.noarch.rpm

nginx-core-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-debugsource-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-filesystem-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.noarch.rpm

nginx-mod-devel-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-mail-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-stream-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.s390x.rpm

Rocky Linux 9 x86_64 - AppStream

nginx-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.src.rpm

nginx-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-all-modules-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.noarch.rpm

nginx-core-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-core-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-debugsource-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-filesystem-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.noarch.rpm

nginx-mod-devel-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-http-image-filter-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-http-image-filter-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-http-perl-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-http-perl-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-http-xslt-filter-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-http-xslt-filter-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-mail-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-mail-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-stream-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm

nginx-mod-stream-debuginfo-2:1.26.3-2.module+el9.7.0+40103+2443f6d1.x86_64.rpm