ELSA-2026-7343

ULN >
Oracle Linux Errata repository >
ELSA-2026-7343

ELSA-2026-7343 - nginx:1.26 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-04-11

Description

[2:1.26.3-2.0.1.1]
- Require oracle-indexhtml

[2:1.26.3-6]
- Resolves: RHEL-157887 - CVE-2026-32647 nginx:1.26/nginx: NGINX: Denial of
Service or Code Execution via specially crafted MP4 files

[2:1.26.3-5]
- Resolves: RHEL-159446 - CVE-2026-27651 nginx:1.26/nginx: NGINX: Denial of
Service via undisclosed requests when ngx_mail_auth_http_module is
enabled

[2:1.26.3-4]
- Resolves: RHEL-159538 - CVE-2026-27784 nginx:1.26/nginx: NGINX: Denial of
Service due to memory corruption via crafted MP4 file

[2:1.26.3-3]
- Resolves: RHEL-159559 - CVE-2026-27654 nginx:1.26/nginx: NGINX: Denial of
Service or file modification via buffer overflow in ngx_http_dav_module

[2:1.26.3-2]
- nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied
connections (CVE-2026-1642)

[2:1.26.3-1]
- New version 1.26.3

[2:1.26.2-4]
- Use systemd-sysusers

[2:1.26.2-3]
- Fix PKCS-11 support

[2:1.26.2-2]
- Adjust QE files

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	nginx-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.src.rpm	9f0ebce411cd3eeeec3bb6f69a06b203c4fadae6953c3e1c53860a628f4a60dd	-	ol9_aarch64_appstream
	nginx-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.aarch64.rpm	b69fbc7fb425a5e5a31e058ea6ec423943fc72eb2deabdf9d8838317420abdf2	-	ol9_aarch64_appstream
	nginx-all-modules-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.noarch.rpm	8d37b7282cf94c7827ea8207a3eca8bad45430653a87df8c5ba9e21c5c1d3695	-	ol9_aarch64_appstream
	nginx-core-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.aarch64.rpm	332cd76ef5e3ae834df77363a7414a02ac967217212bbf0ae589c938e3854446	-	ol9_aarch64_appstream
	nginx-filesystem-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.noarch.rpm	2f15cbcd1329ff17cd4d13f337d8d44fbdae76db3f2dc80c1e97409d5770cca4	-	ol9_aarch64_appstream
	nginx-mod-devel-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.aarch64.rpm	afe044f402b4995e778be9c956a5125faac302d7f0b1f1804dfa2a04809fe9ca	-	ol9_aarch64_appstream
	nginx-mod-http-image-filter-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.aarch64.rpm	d5a34af23d4310532fadc45e87888deec4eed1aab46be92bc9e6c82cc890c155	-	ol9_aarch64_appstream
	nginx-mod-http-perl-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.aarch64.rpm	c302a38c87ba3abbaac0ce5b3e1f658928e97252516a390ac09cc52689aa972f	-	ol9_aarch64_appstream
	nginx-mod-http-xslt-filter-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.aarch64.rpm	ef5dcdd58480ac5b4849e57e32f50d093c982cd37a533696326a9d3285df0ae5	-	ol9_aarch64_appstream
	nginx-mod-mail-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.aarch64.rpm	d44ac36269d9b4d5f384a3941d16e41d08fd44b2e23960f0bb0a772423f8091f	-	ol9_aarch64_appstream
	nginx-mod-stream-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.aarch64.rpm	e6dcf32064ec1a8245e0bcb3c1bda327ec74825d3f62ecd534c0408b730ab9ff	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	nginx-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.src.rpm	9f0ebce411cd3eeeec3bb6f69a06b203c4fadae6953c3e1c53860a628f4a60dd	-	ol9_x86_64_appstream
	nginx-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.x86_64.rpm	39dbc376bc1484dde1e7e84a2a70b26b9fbdc7cf59578aeef10f3ac29cc99ea2	-	ol9_x86_64_appstream
	nginx-all-modules-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.noarch.rpm	8d37b7282cf94c7827ea8207a3eca8bad45430653a87df8c5ba9e21c5c1d3695	-	ol9_x86_64_appstream
	nginx-core-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.x86_64.rpm	df0f15a44f35ec085f336f653a7c8ea5fcf4fd95234b5eac96f531b3044f11f7	-	ol9_x86_64_appstream
	nginx-filesystem-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.noarch.rpm	2f15cbcd1329ff17cd4d13f337d8d44fbdae76db3f2dc80c1e97409d5770cca4	-	ol9_x86_64_appstream
	nginx-mod-devel-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.x86_64.rpm	3977bd7fedbaa8c38813f313d72d8ac172e04be2dc09bda2938f669213a244a0	-	ol9_x86_64_appstream
	nginx-mod-http-image-filter-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.x86_64.rpm	6aae04b6fb161b3401fb77129efe7935decab2d7e380bfef65df356733c6faf5	-	ol9_x86_64_appstream
	nginx-mod-http-perl-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.x86_64.rpm	02b065c4af0ba516a6100f5b487d1122054ed78f5509cfbe97c7a31b31105f22	-	ol9_x86_64_appstream
	nginx-mod-http-xslt-filter-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.x86_64.rpm	ef5e3072857e9b32d837d29d2fc2aaca6aabd0600f71b11491fa8a26d28c5859	-	ol9_x86_64_appstream
	nginx-mod-mail-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.x86_64.rpm	0bf33aca05b62c699497bd8ed58edc2672b4486e6f58844547d741981a47de9e	-	ol9_x86_64_appstream
	nginx-mod-stream-1.26.3-2.0.1.module+el9.7.0+90870+e191ebad.1.x86_64.rpm	bad06f6d025f535fc80e741a6a9acb2e0c9713f62e06e39a2686b3b74599397e	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691