ELSA-2025-7402

ULN >
Oracle Linux Errata repository >
ELSA-2025-7402

ELSA-2025-7402 - nginx security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-05-21

Description

[1.20.1-22.0.1.2]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]
- Update upstream references [Orabug: 36579090]

[2:1.20.1-22.2]
- Resolves: RHEL-85556 - nginx: Memory disclosure in the
ngx_http_mp4_module (CVE-2022-41742)
- Resolves: RHEL-91446 - nginx: Memory corruption in the
ngx_http_mp4_module (CVE-2022-41741)

[2:1.20.1-22.1]
- Resolves: RHEL-84477 - nginx: specially crafted MP4 file may cause
denial of service (CVE-2024-7347)

Related CVEs

CVE-2022-41741

CVE-2022-41742

CVE-2024-7347

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	nginx-1.20.1-22.0.1.el9_6.2.src.rpm	7cde7f7d9fd3a14255fd7b79ada510735ae3d666eb51e0e6e8b3dc95ee2a356e	-	ol9_aarch64_appstream
	nginx-1.20.1-22.0.1.el9_6.2.src.rpm	7cde7f7d9fd3a14255fd7b79ada510735ae3d666eb51e0e6e8b3dc95ee2a356e	-	ol9_aarch64_codeready_builder
	nginx-1.20.1-22.0.1.el9_6.2.aarch64.rpm	b1a984d382b5a3e6922159a26301558558a63deec641796e5d4c6af3bb5f99cf	-	ol9_aarch64_appstream
	nginx-all-modules-1.20.1-22.0.1.el9_6.2.noarch.rpm	a425660ff52070b53fcca4a06147b7e40d366d621ae5739761cf57beb8ae9386	-	ol9_aarch64_appstream
	nginx-core-1.20.1-22.0.1.el9_6.2.aarch64.rpm	cc950bdff098f1f5e568103661315165d60dcba37ecb97fd1173a4e0c3f36719	-	ol9_aarch64_appstream
	nginx-filesystem-1.20.1-22.0.1.el9_6.2.noarch.rpm	4ebabe5d78fe877526afa2640b1d92c3337861e52ffcbfca26e2a21a4dca7d0b	-	ol9_aarch64_appstream
	nginx-mod-devel-1.20.1-22.0.1.el9_6.2.aarch64.rpm	699b0fd7cf396c8900dad8aeca3816944ebf7fa3357e7f183c827d5309984617	-	ol9_aarch64_codeready_builder
	nginx-mod-http-image-filter-1.20.1-22.0.1.el9_6.2.aarch64.rpm	3b6346c0e7823d0e65d7cf66bc52cee9d7529ccc778b5f98efc90d2b5eee97bd	-	ol9_aarch64_appstream
	nginx-mod-http-perl-1.20.1-22.0.1.el9_6.2.aarch64.rpm	141266f406b6910ec7121719fa14b4c1a1af541332a373d610a30498d8b17575	-	ol9_aarch64_appstream
	nginx-mod-http-xslt-filter-1.20.1-22.0.1.el9_6.2.aarch64.rpm	7225177deb1ff90df0bcd866a1fdb6133bfdc8ab38630c6de97c073af59a4003	-	ol9_aarch64_appstream
	nginx-mod-mail-1.20.1-22.0.1.el9_6.2.aarch64.rpm	07157b0b3fba796be01199ca5ba78f088b1cb6d8b88393ab9c14634eafece6aa	-	ol9_aarch64_appstream
	nginx-mod-stream-1.20.1-22.0.1.el9_6.2.aarch64.rpm	2a6a8c98db9bd141021f138d960df783f5a904a13694327b266a4c6d022eacc6	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	nginx-1.20.1-22.0.1.el9_6.2.src.rpm	7cde7f7d9fd3a14255fd7b79ada510735ae3d666eb51e0e6e8b3dc95ee2a356e	-	ol9_x86_64_appstream
	nginx-1.20.1-22.0.1.el9_6.2.src.rpm	7cde7f7d9fd3a14255fd7b79ada510735ae3d666eb51e0e6e8b3dc95ee2a356e	-	ol9_x86_64_codeready_builder
	nginx-1.20.1-22.0.1.el9_6.2.x86_64.rpm	22fcd93203442604d824afdf391bca05072bf75b8218d2143535b46aaa36834c	-	ol9_x86_64_appstream
	nginx-all-modules-1.20.1-22.0.1.el9_6.2.noarch.rpm	a425660ff52070b53fcca4a06147b7e40d366d621ae5739761cf57beb8ae9386	-	ol9_x86_64_appstream
	nginx-core-1.20.1-22.0.1.el9_6.2.x86_64.rpm	8b29ce3983c559c629ce88cbc71d9af5f93143b8b27df9b965fbbdd256d54efe	-	ol9_x86_64_appstream
	nginx-filesystem-1.20.1-22.0.1.el9_6.2.noarch.rpm	4ebabe5d78fe877526afa2640b1d92c3337861e52ffcbfca26e2a21a4dca7d0b	-	ol9_x86_64_appstream
	nginx-mod-devel-1.20.1-22.0.1.el9_6.2.x86_64.rpm	28caac035dbdfc9b0b202c08768fc6a5f68206405c8dd3f2bdde7d469e0b22df	-	ol9_x86_64_codeready_builder
	nginx-mod-http-image-filter-1.20.1-22.0.1.el9_6.2.x86_64.rpm	c7998e1d8ba15894d481d95648b22053c1ac166ca86ed980cc9cb2f4cdda7f40	-	ol9_x86_64_appstream
	nginx-mod-http-perl-1.20.1-22.0.1.el9_6.2.x86_64.rpm	1aaa54f85f5e747cba6f3a28103b93ceffa8042d9fa64d15dd7340f62b2a1de2	-	ol9_x86_64_appstream
	nginx-mod-http-xslt-filter-1.20.1-22.0.1.el9_6.2.x86_64.rpm	65316303655957ca7ae5b30c6fd6999aa2a44f617ebef13676f01c6e91694165	-	ol9_x86_64_appstream
	nginx-mod-mail-1.20.1-22.0.1.el9_6.2.x86_64.rpm	939db862bf0dd45d5a980a768b29c8b1bcb1ed2c65cc9fe5f9dde89ba8aefc54	-	ol9_x86_64_appstream
	nginx-mod-stream-1.20.1-22.0.1.el9_6.2.x86_64.rpm	c97122ecc6b22306927e739685ab5e31d196a03e322eaa554eb3c5ac4d4d422e	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691