ELSA-2025-7331

ULN >
Oracle Linux Errata repository >
ELSA-2025-7331

ELSA-2025-7331 - nginx security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-05-16

Description

[1.20.1-22.0.1]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]
- Update upstream references [Orabug: 36579090]

[2:1.20.1-22]
- Resolves: RHEL-78236 - nginx: TLS Session Resumption
Vulnerability (CVE-2025-23419)

[2:1.20.1-21]
- Resolves: RHEL-77486 - [RFE] nginx use systemd-sysusers

[2:1.20.1-20]
- Resolves: RHEL-40075 - nginx worker processes memory leak

[1:1.20.1-19]
- Resolves: RHEL-40371- openssl 3.2 ENGINE regression

[2:1.20.1-17]
- bump package epoch to resolve RHEL-33939
- Resolves: RHEL-33939 - Update path for nginx broken for existing CS
installations

[1:1.20.1-16]
- Resolves: RHEL-12518 - nginx: HTTP/2: Multiple HTTP/2 enabled web servers are
vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

Related CVEs

CVE-2025-23419

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	nginx-1.20.1-22.0.1.el9.src.rpm	4a9d48f6c9ad5d81ef695e007987892eb4ecb05f119238dbbab1bda6fe1cfd01	-	ol9_aarch64_appstream
	nginx-1.20.1-22.0.1.el9.src.rpm	4a9d48f6c9ad5d81ef695e007987892eb4ecb05f119238dbbab1bda6fe1cfd01	-	ol9_aarch64_codeready_builder
	nginx-1.20.1-22.0.1.el9.aarch64.rpm	4fbea1a741053abb41cb3aeb37ff468c26939d8fa417b676a81b9123dcf97774	-	ol9_aarch64_appstream
	nginx-all-modules-1.20.1-22.0.1.el9.noarch.rpm	fae1f780622dd64bbf9c96a3cebeb240c79afcbe1a3c8cd9bf0cd219abe21b30	-	ol9_aarch64_appstream
	nginx-core-1.20.1-22.0.1.el9.aarch64.rpm	0736148a886e4db55972a9a6966d446bcbc8c5f6e6d91c2483f7b750f226824d	-	ol9_aarch64_appstream
	nginx-filesystem-1.20.1-22.0.1.el9.noarch.rpm	17211f426916013d8b089b5d0f9d64e01714d906753eebed988f0ff4eedc8e36	-	ol9_aarch64_appstream
	nginx-mod-devel-1.20.1-22.0.1.el9.aarch64.rpm	9100f6129ea2260311781b82eabc580205d5d7c8709627f0368172f589f12bdc	-	ol9_aarch64_codeready_builder
	nginx-mod-http-image-filter-1.20.1-22.0.1.el9.aarch64.rpm	9a257f9c8e622d8f1d4e118214c6d2939e6211c0d2d775fd217f288a86840338	-	ol9_aarch64_appstream
	nginx-mod-http-perl-1.20.1-22.0.1.el9.aarch64.rpm	599f8b3f80b3f076496e9163b3e38dcdb880dee83c2a54358ea99269a36d0a1d	-	ol9_aarch64_appstream
	nginx-mod-http-xslt-filter-1.20.1-22.0.1.el9.aarch64.rpm	40d47fa6766218f970440067a4e66645db166f06f02b9bea173067427fa033fa	-	ol9_aarch64_appstream
	nginx-mod-mail-1.20.1-22.0.1.el9.aarch64.rpm	12930a54e57c0cce0035defb99358b3d86b9614662a7f447bccfda602f085809	-	ol9_aarch64_appstream
	nginx-mod-stream-1.20.1-22.0.1.el9.aarch64.rpm	1fc2bf7a494c368954bb206e2c85a8d9faed3e3f07ccd37bb1b91e232fc81e42	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	nginx-1.20.1-22.0.1.el9.src.rpm	4a9d48f6c9ad5d81ef695e007987892eb4ecb05f119238dbbab1bda6fe1cfd01	-	ol9_x86_64_appstream
	nginx-1.20.1-22.0.1.el9.src.rpm	4a9d48f6c9ad5d81ef695e007987892eb4ecb05f119238dbbab1bda6fe1cfd01	-	ol9_x86_64_codeready_builder
	nginx-1.20.1-22.0.1.el9.x86_64.rpm	3262b06dcf59f91388ddde55dc41b05674cc7527add2d982a7b560ef726335a0	-	ol9_x86_64_appstream
	nginx-all-modules-1.20.1-22.0.1.el9.noarch.rpm	fae1f780622dd64bbf9c96a3cebeb240c79afcbe1a3c8cd9bf0cd219abe21b30	-	ol9_x86_64_appstream
	nginx-core-1.20.1-22.0.1.el9.x86_64.rpm	fcfb7db77f31eac66d9831242b6f403ac4eb38d388c3a222532c26460518d2ae	-	ol9_x86_64_appstream
	nginx-filesystem-1.20.1-22.0.1.el9.noarch.rpm	17211f426916013d8b089b5d0f9d64e01714d906753eebed988f0ff4eedc8e36	-	ol9_x86_64_appstream
	nginx-mod-devel-1.20.1-22.0.1.el9.x86_64.rpm	40fdd13899f58075ada481f1c99127b3fc22986fd50a4d912daade288299206c	-	ol9_x86_64_codeready_builder
	nginx-mod-http-image-filter-1.20.1-22.0.1.el9.x86_64.rpm	126eee8a4345c83a17ff60db8934cee8e4df0e5ee30d785eed85c42cbea91107	-	ol9_x86_64_appstream
	nginx-mod-http-perl-1.20.1-22.0.1.el9.x86_64.rpm	702fa5ef3d2851baf898abd7b5b2d2c9e2212981c4f0d646a66704d6a5cb8490	-	ol9_x86_64_appstream
	nginx-mod-http-xslt-filter-1.20.1-22.0.1.el9.x86_64.rpm	e97d820844d01eafedd1216cff4136e3199331bff43cd3196f3f59bb9784188d	-	ol9_x86_64_appstream
	nginx-mod-mail-1.20.1-22.0.1.el9.x86_64.rpm	929116e668960054d95ce0fe417ded8ba10879624cb02012364f6bd4f0a35da4	-	ol9_x86_64_appstream
	nginx-mod-stream-1.20.1-22.0.1.el9.x86_64.rpm	23d15e35c427c77efd6e64fd3eb01b7aa5b2f89c8a62c43f410c2543de8ca47d	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691