[Pkg-nginx-maintainers] nginx_1.26.3-3+deb13u3_source.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sat Apr 4 20:34:18 BST 2026
Thank you for your contribution to Debian.
Mapping trixie to stable.
Mapping stable to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 30 Mar 2026 17:41:51 +0000
Source: nginx
Architecture: source
Version: 1.26.3-3+deb13u3
Distribution: trixie
Urgency: medium
Maintainer: Debian Nginx Maintainers <pkg-nginx-maintainers at alioth-lists.debian.net>
Changed-By: Jan Mojžíš <janmojzis at debian.org>
Changes:
nginx (1.26.3-3+deb13u3) trixie; urgency=medium
.
* backport changes from upstream nginx, fixes for buffer overflow
vulnerability in the ngx_http_dav_module (CVE-2026-27654), buffer overflow
vulnerabilities in the ngx_http_mp4_module (CVE-2026-27784, CVE-2026-32647),
mail session authentication vulnerabilities (CVE-2026-27651, CVE-2026-28753)
and OCSP result bypass vulnerability in stream (CVE-2026-28755)
* d/p/CVE-2026-27651.patch add
* d/p/CVE-2026-27654.patch add
* d/p/CVE-2026-27784.patch add
* d/p/CVE-2026-28753.patch add
* d/p/CVE-2026-28755.patch add
* d/p/CVE-2026-32647.patch add
Checksums-Sha1:
a4e9069ceb2f929627aab5ded9201084428f9ab2 3827 nginx_1.26.3-3+deb13u3.dsc
19fd64dc80b54fb8c1c1454d0a3bbedc3b95e2ca 84776 nginx_1.26.3-3+deb13u3.debian.tar.xz
a67ac7a0c47e12196817287cfcfa99f2f3db6ab6 8266 nginx_1.26.3-3+deb13u3_source.buildinfo
Checksums-Sha256:
11d7a0089369ff09a2513151bf945cfb1d73bd2666fed1d14b9a535f0a836db3 3827 nginx_1.26.3-3+deb13u3.dsc
7e597d8f7b419a2bb734953a7f3a03060678bb093c47a3462455bc885cde68b7 84776 nginx_1.26.3-3+deb13u3.debian.tar.xz
dac03d9f5abd6d29c457e203bdd4cb1cf9388151e4b79566b30a159a5d542325 8266 nginx_1.26.3-3+deb13u3_source.buildinfo
Files:
f1683fe247a23bf2f247895922ff0fda 3827 httpd optional nginx_1.26.3-3+deb13u3.dsc
6558185383c495ad510b66c1dad1eceb 84776 httpd optional nginx_1.26.3-3+deb13u3.debian.tar.xz
3dbf0d3fcd74b84ed08c309d0ce15503 8266 httpd optional nginx_1.26.3-3+deb13u3_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJJBAEBCgAzFiEE0Aiwwj2EeeRrn8uQRdpRdJaTn/kFAmnRZMUVHGphbm1vanpp
c0BkZWJpYW4ub3JnAAoJEEXaUXSWk5/5zv4P/jfVJNF50D3y0YnnqIV9d8uWVuGO
076IDhB4eZYiksQy6i3dbb977BDcO0WYCLVuLCgAWeNO9pIpQWT980MG0yB8Q/fh
nTt8Ja129ipLA+5p9n7uQ/I1VcSlniltWNXL7KSUDkqR7tOe9hac5dfOnTanVyje
yw3STQFKrU1T5EsIOnOLG/uxXJR7cWIlvnjLRdYVKeBRM2q/hyo+b3sG31J+XUa6
+2FL8Y6jpx4hkwLp7ZHyNNWQnfe9bm/A/4BxpAObKydfYvPIbRDgiL5uR07Ne75V
HEVrTp1RqfXsRH9R5ZENbjjbfsfN7dOUT5UpOkgbU/COQUhAQoV4MACrrCjiTF0F
vqJnnO6qlTN4jcEAp2jt8AkloPyJLFvh929B+h80trPScxwpu40mJLU8YcktnXHG
I4HiIVlylZyWla13i0fQYT5NH34dDYb3MG3G1VlqbbOJMXIXqAUSQFZoYlTy8I48
RJYDh/fZ1uwDSKexRTVaEMJpnf+WncZRz4HDNb0mJWzsU2pWBOIr/vo6gt4kJVT+
q6EI45cIGZc7Oq+z8ayWfC8+CucoFEPtZkhK9XpxGtueICt2bb0yQGKCcV1eCShn
vQyk2Ul/+JROUrRXIpATG0genXgGRhR7VLrtKkmRSRimm01+KJQ+OBQJOIFUjwBG
vhBr/X3jJexoK3z+
=jHZv
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-nginx-maintainers/attachments/20260404/c1c6014f/attachment.sig>
More information about the Pkg-nginx-maintainers
mailing list