ELSA-2026-4705

ELSA-2026-4705 - nginx security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2026-03-17

Description

[2:1.26.3-2.0.1]
- Reference oracle-indexhtml within Requires [Orabug: 33802044]

[2:1.26.3-2]
- CVE-2026-1642 nginx: NGINX: Data injection via man-in-the-middle attack
on TLS proxied connections

Related CVEs

CVE-2026-1642

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 10 (aarch64)	nginx-1.26.3-2.0.1.el10_1.src.rpm	13f3bb1ef2138447733d6fe56b1ce33de854f4d1c05943f461728eb863354594	-	ol10_aarch64_appstream
	nginx-1.26.3-2.0.1.el10_1.src.rpm	13f3bb1ef2138447733d6fe56b1ce33de854f4d1c05943f461728eb863354594	-	ol10_aarch64_codeready_builder
	nginx-1.26.3-2.0.1.el10_1.aarch64.rpm	2cb51b4afd50cd853b167fe7094e9cdadf91cb0e137e22e947dbb6c31be938e1	-	ol10_aarch64_appstream
	nginx-all-modules-1.26.3-2.0.1.el10_1.noarch.rpm	7ca06341db1fb2eeaa4d92f09516df80758b82e26dee862e41a1e0d259aa14ef	-	ol10_aarch64_appstream
	nginx-core-1.26.3-2.0.1.el10_1.aarch64.rpm	accb8db1bb3e13ca667d3a5524b918c5dcac7d9af68f03aaf3407b0d26baefd3	-	ol10_aarch64_appstream
	nginx-filesystem-1.26.3-2.0.1.el10_1.noarch.rpm	560aa3bc1654cc2102e61d4c54b10d7c3a8273c212a60d3f64d4eaf8609598b9	-	ol10_aarch64_appstream
	nginx-mod-devel-1.26.3-2.0.1.el10_1.aarch64.rpm	5cb7690b4784d0790b92a6fd38089a90188a7efcb45b6f916d26f3c8e0eef024	-	ol10_aarch64_codeready_builder
	nginx-mod-http-image-filter-1.26.3-2.0.1.el10_1.aarch64.rpm	26a7069f0a8ba3f6c6761e56b645b8436fa6fc4271cd3a849e53794aa00aa30d	-	ol10_aarch64_appstream
	nginx-mod-http-perl-1.26.3-2.0.1.el10_1.aarch64.rpm	aba74d9f8cce98069895e85f5e0f2880dc441650d6b9d389a49d82d450144d95	-	ol10_aarch64_appstream
	nginx-mod-http-xslt-filter-1.26.3-2.0.1.el10_1.aarch64.rpm	d8327ab9a2f3eb0cfec5e19801e305ad4fc2e0c882911624da191f632d7e641b	-	ol10_aarch64_appstream
	nginx-mod-mail-1.26.3-2.0.1.el10_1.aarch64.rpm	9c6a3af1ad28262ebf8be26c2823374405291a95e287849e029a158855bc3b4c	-	ol10_aarch64_appstream
	nginx-mod-stream-1.26.3-2.0.1.el10_1.aarch64.rpm	25ab23fabc56aa20118d79888f9acf74d2a16a35ac77d7938316f9dcae2b9084	-	ol10_aarch64_appstream
Oracle Linux 10 (x86_64)	nginx-1.26.3-2.0.1.el10_1.src.rpm	13f3bb1ef2138447733d6fe56b1ce33de854f4d1c05943f461728eb863354594	-	ol10_x86_64_appstream
	nginx-1.26.3-2.0.1.el10_1.src.rpm	13f3bb1ef2138447733d6fe56b1ce33de854f4d1c05943f461728eb863354594	-	ol10_x86_64_codeready_builder
	nginx-1.26.3-2.0.1.el10_1.x86_64.rpm	ce7138c6d8b813ea6a505a57466dabc22c05eb4e7a436685eeead18e79ae8637	-	ol10_x86_64_appstream
	nginx-all-modules-1.26.3-2.0.1.el10_1.noarch.rpm	7ca06341db1fb2eeaa4d92f09516df80758b82e26dee862e41a1e0d259aa14ef	-	ol10_x86_64_appstream
	nginx-core-1.26.3-2.0.1.el10_1.x86_64.rpm	aebfba9d0cf8061fa65783f5ae5c2342edd75bbb6d5e15fb66955d299e903b3e	-	ol10_x86_64_appstream
	nginx-filesystem-1.26.3-2.0.1.el10_1.noarch.rpm	560aa3bc1654cc2102e61d4c54b10d7c3a8273c212a60d3f64d4eaf8609598b9	-	ol10_x86_64_appstream
	nginx-mod-devel-1.26.3-2.0.1.el10_1.x86_64.rpm	54bdc7c9ad3d6fbb8061dd1ecc6db921a112118ad92bcd31c3ca985267c66249	-	ol10_x86_64_codeready_builder
	nginx-mod-http-image-filter-1.26.3-2.0.1.el10_1.x86_64.rpm	22af3242fe8af3af3c9bc66a8462203e30b8ef6750189243689c50b8b1d68f50	-	ol10_x86_64_appstream
	nginx-mod-http-perl-1.26.3-2.0.1.el10_1.x86_64.rpm	ea45ae840d73a1498ee40bf44ac9646e6ad977c5219c24f7b9a9a9333038df9a	-	ol10_x86_64_appstream
	nginx-mod-http-xslt-filter-1.26.3-2.0.1.el10_1.x86_64.rpm	ec3e7584d1c2ac09a7a856a2b3915838d5969b641e052912019b7b4afa366843	-	ol10_x86_64_appstream
	nginx-mod-mail-1.26.3-2.0.1.el10_1.x86_64.rpm	9b1830cfa32cd054c708c0fe22b3fafa73b890d02a5f26b39bd0bfba695d0019	-	ol10_x86_64_appstream
	nginx-mod-stream-1.26.3-2.0.1.el10_1.x86_64.rpm	8487c1cc40b01f540b47d984dd8af255276b61fe74f620ce6338acb37ad2c457	-	ol10_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team