ELSA-2026-3638

ULN >
Oracle Linux Errata repository >
ELSA-2026-3638

ELSA-2026-3638 - nginx:1.24 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2026-03-04

Description

[1.24.0-5.1.0.1]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]

[1:1.24.0-5.1]
- Resolves: RHEL-146526 - nginx:1.24/nginx: NGINX: Data injection via
man-in-the-middle attack on TLS proxied connections (CVE-2026-1642)

[1:1.24.0-5]
- Resolves: RHEL-84480 - nginx:1.24/nginx: specially crafted MP4 file may cause
denial of service (CVE-2024-7347)

[1:1.24.0-4]
- Resolves: RHEL-49350 - nginx worker processes memory leak

[1:1.24.0-3]
- Resolves: RHEL-40622 - openssl 3.2 ENGINE regression in nginx

[1:1.24.0-2]
- Resolves: RHEL-38498 - Nginx seg faults when proxy_ssl_certificate is set

Related CVEs

CVE-2026-1642

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	nginx-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.src.rpm	1763d8273a00dddb4a713c037a894f5e7c3a180fb6e0776ed15760dfa0222b51	-	ol9_aarch64_appstream
	nginx-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.aarch64.rpm	12cd8ace08fe2d3a34c49fcce1e74550401e1c8c339b80903d9d6f262e2212f6	-	ol9_aarch64_appstream
	nginx-all-modules-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.noarch.rpm	74cb0cdeaf1675bda8bf2b463eeaede70b10768af2cbfc8465801d0557f3da89	-	ol9_aarch64_appstream
	nginx-core-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.aarch64.rpm	248fccbc7c8826c1189a0a77c50116dbd533cb74d70fd2f4b096e225f51db232	-	ol9_aarch64_appstream
	nginx-filesystem-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.noarch.rpm	f9c1d719fc37c8e6f55641b3734f3525b2fda029f80753207634504b2dc062e8	-	ol9_aarch64_appstream
	nginx-mod-devel-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.aarch64.rpm	13436a26da7c68d16381cd502add0a48b7abc599a2372a3c3a4a2d13fc98d5a7	-	ol9_aarch64_appstream
	nginx-mod-http-image-filter-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.aarch64.rpm	7311e1b80d10451ca88f2fbf5f5e9145b3b722e468ea7a09054b1ef4bc7ffab0	-	ol9_aarch64_appstream
	nginx-mod-http-perl-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.aarch64.rpm	3b31fbd38b5bd41d68632071cd5331eb21a46c3def58ebcd96121b4e793e16f7	-	ol9_aarch64_appstream
	nginx-mod-http-xslt-filter-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.aarch64.rpm	59ebae553772f4d230457b21c429409e1c6407a56ff99b19d7f887515704bfcd	-	ol9_aarch64_appstream
	nginx-mod-mail-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.aarch64.rpm	dbec45908073c92a2fde5d4461ad2ebd080d4a773765251b7d3b5dce95549b56	-	ol9_aarch64_appstream
	nginx-mod-stream-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.aarch64.rpm	bb3b6db19da64de9be74beff43dfe504c96944b34f645af880f2713eeb4ceaa5	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	nginx-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.src.rpm	1763d8273a00dddb4a713c037a894f5e7c3a180fb6e0776ed15760dfa0222b51	-	ol9_x86_64_appstream
	nginx-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.x86_64.rpm	50f137ec1f8d1a318f00580984121adfce03358d4a6a6fe823302262cc851c96	-	ol9_x86_64_appstream
	nginx-all-modules-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.noarch.rpm	74cb0cdeaf1675bda8bf2b463eeaede70b10768af2cbfc8465801d0557f3da89	-	ol9_x86_64_appstream
	nginx-core-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.x86_64.rpm	2a62dc525f145f306b8e115a314aa3214805f922288398fbd5f15ba819903763	-	ol9_x86_64_appstream
	nginx-filesystem-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.noarch.rpm	f9c1d719fc37c8e6f55641b3734f3525b2fda029f80753207634504b2dc062e8	-	ol9_x86_64_appstream
	nginx-mod-devel-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.x86_64.rpm	ad62486c1636eac655f1c51b6c06c75c145622c541c4704f3bd3dfcf074e522b	-	ol9_x86_64_appstream
	nginx-mod-http-image-filter-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.x86_64.rpm	b0ae11a32683d8ea1f52e37358def907affaf5652a6cc8d82aea6600c62adaf0	-	ol9_x86_64_appstream
	nginx-mod-http-perl-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.x86_64.rpm	c8bd700d2567e7bf4c755f297c75a99216ce77955de418f1fd332eb03e78e0c9	-	ol9_x86_64_appstream
	nginx-mod-http-xslt-filter-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.x86_64.rpm	7e70fd4c7c6e1b414ea52decb3209ce3c26cb7315e2ac0e8eb98397509d9bd50	-	ol9_x86_64_appstream
	nginx-mod-mail-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.x86_64.rpm	4253b046d79946815a4530bca986a876c574b50b9fb565b045c4a72e57f438a0	-	ol9_x86_64_appstream
	nginx-mod-stream-1.24.0-5.0.1.module+el9.7.0+90821+c4114bda.1.x86_64.rpm	63ecdffad90bbf4b72c4abdd28d0c62f2f722315f651e52c202d7ca45e1679a5	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691