[Git][security-tracker-team/security-tracker][master] Mark nginx issue as postponed

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
debb48dd by Salvatore Bonaccorso at 2026-05-20T07:25:55+02:00
Mark nginx issue as postponed

We did not properly fix it in the last DSA, but it is not worth rolling
out new updates just for this issue. Thus postpone it until next nginx
update (either via point release or DSA).

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2878,6 +2878,8 @@ CVE-2026-42945 (NGINX Plus and NGINX Open Source have a vulnerability in the ngx
 CVE-2026-42946 (A vulnerability exists in the ngx_http_scgi_moduleand ngx_http_uwsgi_m ...)
 	{DLA-4589-1}
 	- nginx 1.30.0-4
+	[trixie] - nginx <postponed> (Minor issue; can be fixed with next update)
+	[bookworm] - nginx <postponed> (Minor issue; can be fixed with next update)
 	NOTE: https://my.f5.com/manage/s/article/K000161027
 	NOTE: https://nginx.org/en/security_advisories.html
 	NOTE: https://github.com/nginx/nginx/commit/baef7fdac28e4e1fe26509b50b8d15603393e28e (release-1.30.1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/debb48dd1c6b8a3448fd504dd57378e85e38fb4d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/debb48dd1c6b8a3448fd504dd57378e85e38fb4d
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260520/f8e18057/attachment.htm>