This bug was fixed in the package nginx - 1.28.3-2ubuntu1.1
---------------
nginx (1.28.3-2ubuntu1.1) resolute-security; urgency=medium
* SECURITY UPDATE: buffer overrun in ngx_http_rewrite_module
(LP: #2152577)
- d/patches/cve-2026-42945.patch: Apply upstream commit/fix
for CVE
- CVE-2026-42945
-- Thomas Ward <[email protected]> Wed, 13 May 2026 17:01:19 -0400
** Changed in: nginx (Ubuntu Resolute)
Status: In Progress => Fix Released
** Changed in: nginx (Ubuntu Jammy)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2152577
Title:
CVE-2026-42945: heap-based buffer overflow in ngx_http_rewrite_module
(NGINX Rift)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2152577/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
