This bug was fixed in the package nginx - 1.28.0-6ubuntu1.3
---------------
nginx (1.28.0-6ubuntu1.3) questing-security; urgency=medium
[ Thomas Ward ]
* SECURITY UPDATE: buffer overrun in ngx_http_rewrite_module
(LP: #2152577)
- d/patches/cve-2026-42945.patch: Apply upstream commit/fix
for CVE
- CVE-2026-42945
-- Marc Deslauriers <[email protected]> Thu, 14 May 2026
09:51:24 +0200
** Changed in: nginx (Ubuntu Questing)
Status: In Progress => Fix Released
** Changed in: nginx (Ubuntu Noble)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2152577
Title:
CVE-2026-42945: heap-based buffer overflow in ngx_http_rewrite_module
(NGINX Rift)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2152577/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
