Format: 1.8
Date: Fri, 05 Jun 2026 12:22:02 +0000
Source: nginx
Binary: libnginx-mod-http-geoip libnginx-mod-http-geoip-dbgsym libnginx-mod-http-image-filter libnginx-mod-http-image-filter-dbgsym libnginx-mod-http-perl libnginx-mod-http-perl-dbgsym libnginx-mod-http-xslt-filter libnginx-mod-http-xslt-filter-dbgsym libnginx-mod-mail libnginx-mod-mail-dbgsym libnginx-mod-stream libnginx-mod-stream-dbgsym libnginx-mod-stream-geoip libnginx-mod-stream-geoip-dbgsym nginx nginx-dbgsym nginx-extras
Architecture: arm64
Version: 1.26.3-3+deb13u6
Distribution: trixie-security
Urgency: medium
Maintainer: arm64 Build Daemon (arm-conova-04)
Changed-By: Jan Mojžíš
Description:
 libnginx-mod-http-geoip - GeoIP HTTP module for Nginx
 libnginx-mod-http-image-filter - HTTP image filter module for Nginx
 libnginx-mod-http-perl - Perl module for Nginx
 libnginx-mod-http-xslt-filter - XSLT Transformation module for Nginx
 libnginx-mod-mail - Mail module for Nginx
 libnginx-mod-stream - Stream module for Nginx
 libnginx-mod-stream-geoip - GeoIP Stream module for Nginx
 nginx - small, powerful, scalable web/proxy server
 nginx-extras - nginx web/proxy server (extended version)
Changes:
 nginx (1.26.3-3+deb13u6) trixie-security; urgency=medium
 .
   * Apply both patches to fix CVE-2026-42946. In the previous version, only
     one part of the patch was applied, so the fix was incomplete.
     This really fixes CVE-2026-42946, thanks to charles@debian.org for
     pointing it out.
   * d/p/CVE-2026-42946.patch rename to d/p/CVE-2026-42946.2.patch
   * d/p/CVE-2026-42946.1.patch add
   * backport fix for buffer overflow vulnerability in the
     ngx_http_rewrite_module (CVE-2026-9256) from upstream 1.30.2 nginx.
   * d/p/CVE-2026-9256.patch add
   * backport max_headers directive from upstream nginx. It limits the number
     of request headers accepted from clients. Fixes remote denial-of-service
     exploit.
     And move max_headers from core module to the
     ngx_http_header_count_module to avoid potential ABI breakage and keep all
     the 3rd party modules compatible with the new version of nginx without
     recompilation. A big thanks to Miao Wang for preparing the modification.
     Fixes TEMP-1138794-BADE22.
   * d/p/FIX-HTTP2bomb.patch add