ELSA-2025-3262

ULN >
Oracle Linux Errata repository >
ELSA-2025-3262

ELSA-2025-3262 - nginx:1.24 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-03-27

Description

[1.24.0-4.0.1.1]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]

[1:1.24.0-4.1]
- Resolves: RHEL-84480 - nginx:1.24/nginx: specially crafted MP4 file may cause
denial of service (CVE-2024-7347)

[1:1.24.0-4]
- Resolves: RHEL-49350 - nginx worker processes memory leak

[1:1.24.0-3]
- Resolves: RHEL-40622 - openssl 3.2 ENGINE regression in nginx

[1:1.24.0-2]
- Resolves: RHEL-38498 - Nginx seg faults when proxy_ssl_certificate is set

[1:1.24.0-1]
- new version 1.24.0

[1:1.22.1-5]
- Resolves: RHEL-12737 - nginx:1.22/nginx: HTTP/2: Multiple HTTP/2 enabled web
servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

[1:1.22.1-4]
- Resolves: #2170808 - Running nginx with systemctl and entering ssl
private key's pass phrase
- added new ssl_pass_phrase_dialog directive which enables setting
external program for entering password for encrypted private key

Related CVEs

CVE-2024-7347

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	nginx-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.src.rpm	59a5b7585202fc5a9a5edcbc1f2a737c1a771e7a91fa331671631a30ced84c03	-	ol9_aarch64_appstream
	nginx-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm	0c72fc5861d00de19bb4e3756e1e9bfb933618d9daf31df620e5a907eb37c499	-	ol9_aarch64_appstream
	nginx-all-modules-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm	06942a93f75ed315d67824213af38a5c2c21564abe20a59fe9df204cd1cb7eb7	-	ol9_aarch64_appstream
	nginx-core-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm	d915d428f038a883a3bec864f97d76bf5238de4cd0709376ee845ab0160c93bd	-	ol9_aarch64_appstream
	nginx-filesystem-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm	0a80c056887c3261238776580827c7fe84e505661d3c3c756659607a4957a104	-	ol9_aarch64_appstream
	nginx-mod-devel-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm	62d49c2050416cc82d5e9e3f0d3be85fc98ee9aecfd555ea900434bf09d9faec	-	ol9_aarch64_appstream
	nginx-mod-http-image-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm	97b22f073b3354d53456a5538a811415cc691536e5e8baa7c946e52255bff1bd	-	ol9_aarch64_appstream
	nginx-mod-http-perl-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm	8f5ed4c2538f98fe5fb4cb8346c6a91cff052160aa40375530ccb78340c7c1cc	-	ol9_aarch64_appstream
	nginx-mod-http-xslt-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm	263ebb48cba3d756c828bf3b0d826709b36b93cd3242c177c7a4d945d5c2e3b2	-	ol9_aarch64_appstream
	nginx-mod-mail-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm	53ea595af371db3e1501afbadfc39e6de82e0b7654758c9f316f1cac7bf09ab9	-	ol9_aarch64_appstream
	nginx-mod-stream-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.aarch64.rpm	b9145a2a5b7d1536c20ca09e4e524dc3b7003de5faeb0b7812349e90b64b6183	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	nginx-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.src.rpm	59a5b7585202fc5a9a5edcbc1f2a737c1a771e7a91fa331671631a30ced84c03	-	ol9_x86_64_appstream
	nginx-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm	6627e550b42227988191fa9c0f07d5286efaac9ed4b28ccfdc86ce23a2714231	-	ol9_x86_64_appstream
	nginx-all-modules-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm	06942a93f75ed315d67824213af38a5c2c21564abe20a59fe9df204cd1cb7eb7	-	ol9_x86_64_appstream
	nginx-core-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm	b1e16fcbe8027e4a26c68cfa7b7b3a1602b43d932bd1e1cc8485e699aa45daec	-	ol9_x86_64_appstream
	nginx-filesystem-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.noarch.rpm	0a80c056887c3261238776580827c7fe84e505661d3c3c756659607a4957a104	-	ol9_x86_64_appstream
	nginx-mod-devel-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm	e91ff293390502f1da6fb986471cdd8827bf9d10033824eee47dd3683aa1bf0e	-	ol9_x86_64_appstream
	nginx-mod-http-image-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm	77639df9da07a37ff02f38c6ca4107669beac60c4191a653371e2dbbc129e0fd	-	ol9_x86_64_appstream
	nginx-mod-http-perl-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm	08b87055457d446d538225466163bebb70f4578cbf05ca0269ca58652b795740	-	ol9_x86_64_appstream
	nginx-mod-http-xslt-filter-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm	ca916dc11634ad88f728335a902883b6ee32daacee0a9df8265302aba65a0ab3	-	ol9_x86_64_appstream
	nginx-mod-mail-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm	92fd5a545ca7ab9d9ae84578aeb8523d8e3e52930cc00c1393a4f17d5a597358	-	ol9_x86_64_appstream
	nginx-mod-stream-1.24.0-4.0.1.module+el9.5.0+90543+4953bb61.1.x86_64.rpm	2f74fe851ccd046128d2caaa01faeeabd7ff410727234e908a1814f7cc5f5aa2	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691