[Git][security-tracker-team/security-tracker][master] Add references to upstream comits for nginx issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 31 07:11:33 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4c06d926 by Salvatore Bonaccorso at 2026-03-31T08:10:55+02:00
Add references to upstream comits for nginx issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3597,6 +3597,7 @@ CVE-2026-32647 (NGINX Open Source and NGINX Plus have a vulnerability in the ngx
[trixie] - nginx <no-dsa> (Minor issue)
[bookworm] - nginx <no-dsa> (Minor issue)
NOTE: https://my.f5.com/manage/s/article/K000160366
+ NOTE: Fixed by: https://github.com/nginx/nginx/commit/a172c880cb51f882a5dc999437e8b3a4f87630cc (release-1.28.3)
CVE-2026-30932 (Froxlor is open source server administration software. Prior to versio ...)
- froxlor <itp> (bug #581792)
CVE-2026-30662 (ConcreteCMS v9.4.7 contains a Denial of Service (DoS) vulnerability in ...)
@@ -3620,26 +3621,31 @@ CVE-2026-28755 (NGINX Plus and NGINX Open Source have a vulnerability in the ngx
[trixie] - nginx <no-dsa> (Minor issue)
[bookworm] - nginx <no-dsa> (Minor issue)
NOTE: https://my.f5.com/manage/s/article/K000160368
+ NOTE: Fixed by: https://github.com/nginx/nginx/commit/78f581487706f2e43eea5a060c516fc4d98090e8 (release-1.28.3)
CVE-2026-28753 (NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_ ...)
- nginx 1.28.3-1
[trixie] - nginx <no-dsa> (Minor issue)
[bookworm] - nginx <no-dsa> (Minor issue)
NOTE: https://my.f5.com/manage/s/article/K000160367
+ NOTE: Fixed by: https://github.com/nginx/nginx/commit/6a8513761fb327f67fcc6cfcf1ad216887e2589f (release-1.28.3)
CVE-2026-27784 (The 32-bit implementation of NGINX Open Source has a vulnerability in ...)
- nginx 1.28.3-1
[trixie] - nginx <no-dsa> (Minor issue)
[bookworm] - nginx <no-dsa> (Minor issue)
NOTE: https://my.f5.com/manage/s/article/K000160364
+ NOTE: Fixed by: https://github.com/nginx/nginx/commit/b23ac73b00313d159a99636c21ef71b828781018 (release-1.28.3)
CVE-2026-27654 (NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_ ...)
- nginx 1.28.3-1
[trixie] - nginx <no-dsa> (Minor issue)
[bookworm] - nginx <no-dsa> (Minor issue)
NOTE: https://my.f5.com/manage/s/article/K000160382
+ NOTE: Fixed by: https://github.com/nginx/nginx/commit/a1d18284e0a173c4ef2b28425535d0f640ae0a82 (release-1.28.3)
CVE-2026-27651 (When the ngx_mail_auth_http_modulemodule is enabled on NGINX Plus or N ...)
- nginx 1.28.3-1
[trixie] - nginx <no-dsa> (Minor issue)
[bookworm] - nginx <no-dsa> (Minor issue)
NOTE: https://my.f5.com/manage/s/article/K000160383
+ NOTE: Fixed by: https://github.com/nginx/nginx/commit/0f71dd8ea94ab8c123413b2e465be12a35392e9c (release-1.28.3)
CVE-2026-26809
REJECTED
CVE-2026-23924 (Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.co ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c06d926651210b3af1bb8c2926e714056aed278
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c06d926651210b3af1bb8c2926e714056aed278
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260331/49d5068e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list