ELSA-2025-3261

ULN >
Oracle Linux Errata repository >
ELSA-2025-3261

ELSA-2025-3261 - nginx:1.22 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-03-27

Description

[1.22.1-8.0.1.1]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]

[1:1.22.1-8.1]
- Resolves: RHEL-84486 - nginx:1.22/nginx: specially crafted MP4 file may
cause denial of service (CVE-2024-7347)

[1:1.22.1-8]
- Resolves: RHEL-49349 - nginx worker processes memory leak

[1:1.22.1-7]
- Resolves: RHEL-40621 - openssl 3.2 ENGINE regression in nginx

[1:1.22.1-6]
- Resolves: RHEL-32650 - Nginx seg faults when proxy_ssl_certificate is set

[1:1.22.1-5]
- Resolves: RHEL-12737 - nginx:1.22/nginx: HTTP/2: Multiple HTTP/2 enabled web
servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

[1:1.22.1-4]
- Resolves: #2170808 - Running nginx with systemctl and entering ssl
private key's pass phrase
- added new ssl_pass_phrase_dialog directive which enables setting
external program for entering password for encrypted private key

Related CVEs

CVE-2024-7347

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	nginx-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.src.rpm	8f4c9135ded7be54fd95f9974f0e8a50c51d7b8bfcb52f6beebd5a2c3362d1d0	-	ol9_aarch64_appstream
	nginx-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.aarch64.rpm	7f2a43a5aa2a80f16e7495430db57f6220974c0fcee8d02e36236bbc0cdc43be	-	ol9_aarch64_appstream
	nginx-all-modules-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.noarch.rpm	2e8aa6c2cc6b2c8bc43b4639a6f02433f96fee70dfea836d026349e7571d6aa6	-	ol9_aarch64_appstream
	nginx-core-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.aarch64.rpm	7c6e91913894ff7a6d5b54760f36578daa01bd6155d098326dcfb27a1d1f6209	-	ol9_aarch64_appstream
	nginx-filesystem-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.noarch.rpm	4277840020ad5aa320d674c2cab65e3322149659776f68468f505e62d4214b99	-	ol9_aarch64_appstream
	nginx-mod-devel-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.aarch64.rpm	d31143524b6801a26ab5498a3051ebd8d9f5295ac99295da3d5d35805f4d671f	-	ol9_aarch64_appstream
	nginx-mod-http-image-filter-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.aarch64.rpm	a60401eaa16efdf16683e403311084939288da4cc81249d9a785812f221ba20a	-	ol9_aarch64_appstream
	nginx-mod-http-perl-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.aarch64.rpm	a915e41813ab201351cd473d0cd66a0684d908a31aad8dbb450296c5a6df874f	-	ol9_aarch64_appstream
	nginx-mod-http-xslt-filter-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.aarch64.rpm	3a58cfe3db1a26a013b0d94df7d5a692931d88cb18c02ec8e3a526ee059f2278	-	ol9_aarch64_appstream
	nginx-mod-mail-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.aarch64.rpm	da07066b11100f6a8080214fd605f56d489b14daafae1121a772992e1cb380a7	-	ol9_aarch64_appstream
	nginx-mod-stream-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.aarch64.rpm	6a6e67020d82ca4458f7c706bc7ffb93f92f1d4a035d158a935ff92592715438	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	nginx-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.src.rpm	8f4c9135ded7be54fd95f9974f0e8a50c51d7b8bfcb52f6beebd5a2c3362d1d0	-	ol9_x86_64_appstream
	nginx-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.x86_64.rpm	cb45b9bc6689a65694e610b637fd244c6fbf587d674c34b277613b7f6e9edccf	-	ol9_x86_64_appstream
	nginx-all-modules-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.noarch.rpm	2e8aa6c2cc6b2c8bc43b4639a6f02433f96fee70dfea836d026349e7571d6aa6	-	ol9_x86_64_appstream
	nginx-core-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.x86_64.rpm	4e731fc61711f68d06f490658b5e9513fb1f620017d106d5b4c3abf40fd2e2a5	-	ol9_x86_64_appstream
	nginx-filesystem-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.noarch.rpm	4277840020ad5aa320d674c2cab65e3322149659776f68468f505e62d4214b99	-	ol9_x86_64_appstream
	nginx-mod-devel-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.x86_64.rpm	84ad1d3d480d85da004fd6416315247ce3caa4f84ab3d2bb2581be0182c6c055	-	ol9_x86_64_appstream
	nginx-mod-http-image-filter-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.x86_64.rpm	924c099ebd7b838c9bcc8aa832360d33665856f7ceb76ecdec61fca60fdbd26f	-	ol9_x86_64_appstream
	nginx-mod-http-perl-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.x86_64.rpm	05072f9bf4d30c9fa160d187c5156a4dd47fa4e8954e2a490a982aa3359f9ab8	-	ol9_x86_64_appstream
	nginx-mod-http-xslt-filter-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.x86_64.rpm	33bcce1f6c3d4a0015dc0c7b0afdd76188f997b7e24844717b5d165436c0c846	-	ol9_x86_64_appstream
	nginx-mod-mail-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.x86_64.rpm	6f4ed524e6e5a28a498fd8b3d0a0742fd4dc0ca03b66bbbe15cd413290b5ad76	-	ol9_x86_64_appstream
	nginx-mod-stream-1.22.1-8.0.1.module+el9.5.0+90542+e87a1bbf.1.x86_64.rpm	34aa602793a9889e535c926e13921726215328f7e069917b6caeabfc1d4d13c4	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691