Stay Connected:

ELSA-2026-5599

ELSA-2026-5599 - nginx security update

Type:SECURITY
Impact:MODERATE
Release Date:2026-03-25

Description


[1.20.1-24.0.1.el9_7.1]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]
- Update upstream references [Orabug: 36579090]

[2:1.20.1-24.1]
- Resolves: RHEL-146525 - nginx: NGINX: Data injection via man-in-the-middle
attack on TLS proxied connections (CVE-2026-1642)

[2:1.20.1-24]
- Resolves: RHEL-84477 - nginx: specially crafted MP4 file may cause
denial of service (CVE-2024-7347)
- Resolves: RHEL-85556 - nginx: Memory disclosure in the
ngx_http_mp4_module (CVE-2022-41742)
- Resolves: RHEL-91446 - nginx: Memory corruption in the
ngx_http_mp4_module (CVE-2022-41741)

[2:1.20.1-23]
- Resolves: RHEL-6786 - SSL-errors 0A000126 / NS_NET_ERROR_PARTIAL_TRANSFER
at nginx with reverse-proxy


Related CVEs


CVE-2026-1642

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) nginx-1.20.1-24.0.1.el9_7.1.src.rpm683e3431e51afe4271646dbd58177f34c3c3bdc5bbaff8183d02b596cf33d047-ol9_aarch64_appstream
nginx-1.20.1-24.0.1.el9_7.1.src.rpm683e3431e51afe4271646dbd58177f34c3c3bdc5bbaff8183d02b596cf33d047-ol9_aarch64_codeready_builder
nginx-1.20.1-24.0.1.el9_7.1.aarch64.rpm5f4bbb3ea8e9b1c89ef4737e89048eeead41e0a862815de5f6ab3bc26b322901-ol9_aarch64_appstream
nginx-all-modules-1.20.1-24.0.1.el9_7.1.noarch.rpm6b8f4b35cedbb2c870af157a174ba3182fee012c0a69699d647dd037c413603d-ol9_aarch64_appstream
nginx-core-1.20.1-24.0.1.el9_7.1.aarch64.rpmc294addcb57f5f4876ea1910a2202dbd9a85372755d345974db169deecec3b95-ol9_aarch64_appstream
nginx-filesystem-1.20.1-24.0.1.el9_7.1.noarch.rpm8c90a2968fb40b1936ce11eb85bd31e6bf992e0c0ac2f0ae0dd28c0d377fb3dc-ol9_aarch64_appstream
nginx-mod-devel-1.20.1-24.0.1.el9_7.1.aarch64.rpm6b50fa26acdc6bf90e1fa1e409f7fd858478fc14b33ad93e7634286651faf60f-ol9_aarch64_codeready_builder
nginx-mod-http-image-filter-1.20.1-24.0.1.el9_7.1.aarch64.rpm2e165cffac6dd5726563bb8408f64c5fc84e7e4c350eb4a2e3b5b477bb95efcc-ol9_aarch64_appstream
nginx-mod-http-perl-1.20.1-24.0.1.el9_7.1.aarch64.rpmfdb39482ae3f35b12d64acb27eb3c0caba222466acf9d513ad09ae34953e3472-ol9_aarch64_appstream
nginx-mod-http-xslt-filter-1.20.1-24.0.1.el9_7.1.aarch64.rpmfd0c4e07fe6104e4c5bd37fa1716c3441373f14f7040ad63ae767d2edc2c1383-ol9_aarch64_appstream
nginx-mod-mail-1.20.1-24.0.1.el9_7.1.aarch64.rpmd78d628609cf1d5e8794087c756fa3067696033d7e753ec6979ab946c1957515-ol9_aarch64_appstream
nginx-mod-stream-1.20.1-24.0.1.el9_7.1.aarch64.rpm30bc87eaff053e791a62a5d0fd3f6b746be1ce8a4eaa5331fe8d6e8cb757e9a4-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) nginx-1.20.1-24.0.1.el9_7.1.src.rpm683e3431e51afe4271646dbd58177f34c3c3bdc5bbaff8183d02b596cf33d047-ol9_x86_64_appstream
nginx-1.20.1-24.0.1.el9_7.1.src.rpm683e3431e51afe4271646dbd58177f34c3c3bdc5bbaff8183d02b596cf33d047-ol9_x86_64_codeready_builder
nginx-1.20.1-24.0.1.el9_7.1.x86_64.rpm9831d0205504d7053d723bcce5496131b59b00ddb1be810bb00b0428cc7436b3-ol9_x86_64_appstream
nginx-all-modules-1.20.1-24.0.1.el9_7.1.noarch.rpm6b8f4b35cedbb2c870af157a174ba3182fee012c0a69699d647dd037c413603d-ol9_x86_64_appstream
nginx-core-1.20.1-24.0.1.el9_7.1.x86_64.rpm676d0a724d2c6143142bb2ab6abf1b02939627a8af0bd64fb36dbbeb71450eb8-ol9_x86_64_appstream
nginx-filesystem-1.20.1-24.0.1.el9_7.1.noarch.rpm8c90a2968fb40b1936ce11eb85bd31e6bf992e0c0ac2f0ae0dd28c0d377fb3dc-ol9_x86_64_appstream
nginx-mod-devel-1.20.1-24.0.1.el9_7.1.x86_64.rpmf59b62b219461a1023fc39956fd31cbe2849a8bb16617b300dad2aea9da1d112-ol9_x86_64_codeready_builder
nginx-mod-http-image-filter-1.20.1-24.0.1.el9_7.1.x86_64.rpm2cd1058e514ccf234bb0c70503ea08ab568c63e5212d9b50ec4fcf116a62a160-ol9_x86_64_appstream
nginx-mod-http-perl-1.20.1-24.0.1.el9_7.1.x86_64.rpm047a9783521d116b4a9fb96ece128b3bd5e6367e48ce54a3b75cc1ab81b7a2da-ol9_x86_64_appstream
nginx-mod-http-xslt-filter-1.20.1-24.0.1.el9_7.1.x86_64.rpm1b4ef9cc36d0bbac3cbf9fd7adb3f6aea638f5a6274cf00737466b5c535b67db-ol9_x86_64_appstream
nginx-mod-mail-1.20.1-24.0.1.el9_7.1.x86_64.rpmff4979209aa4c497770f24bd2e23c99ec95492d7287af48680596dd76c3d6da2-ol9_x86_64_appstream
nginx-mod-stream-1.20.1-24.0.1.el9_7.1.x86_64.rpmf9317a6b70b141e26b143d249af0cff93b660535f6f330294da9e104b5aeb921-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights