-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:22:02 +0000
Source: nginx
Binary: libnginx-mod-http-geoip libnginx-mod-http-geoip-dbgsym libnginx-mod-http-image-filter libnginx-mod-http-image-filter-dbgsym libnginx-mod-http-perl libnginx-mod-http-perl-dbgsym libnginx-mod-http-xslt-filter libnginx-mod-http-xslt-filter-dbgsym libnginx-mod-mail libnginx-mod-mail-dbgsym libnginx-mod-stream libnginx-mod-stream-dbgsym libnginx-mod-stream-geoip libnginx-mod-stream-geoip-dbgsym nginx nginx-dbgsym nginx-extras
Architecture: i386
Version: 1.26.3-3+deb13u6
Distribution: trixie-security
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Jan Mojžíš <janmojzis@debian.org>
Description:
 libnginx-mod-http-geoip - GeoIP HTTP module for Nginx
 libnginx-mod-http-image-filter - HTTP image filter module for Nginx
 libnginx-mod-http-perl - Perl module for Nginx
 libnginx-mod-http-xslt-filter - XSLT Transformation module for Nginx
 libnginx-mod-mail - Mail module for Nginx
 libnginx-mod-stream - Stream module for Nginx
 libnginx-mod-stream-geoip - GeoIP Stream module for Nginx
 nginx      - small, powerful, scalable web/proxy server
 nginx-extras - nginx web/proxy server (extended version)
Changes:
 nginx (1.26.3-3+deb13u6) trixie-security; urgency=medium
 .
   * Apply both patches to fix CVE-2026-42946. In the previous version,
     only one part of the patch was applied, so the fix was incomplete.
     This really fixes CVE-2026-42946, thanks to charles@debian.org for
     pointing it out.
     * d/p/CVE-2026-42946.patch rename to d/p/CVE-2026-42946.2.patch
     * d/p/CVE-2026-42946.1.patch add
   * backport fix for buffer overflow vulnerability in the
     ngx_http_rewrite_module (CVE-2026-9256) from upstream 1.30.2 nginx.
     * d/p/CVE-2026-9256.patch add
   * backport max_headers directive from upstream nginx. It limits the number
     of request headers accepted from clients. Fixes remote denial-of-service
     exploit.
     And move max_headers from core module to the ngx_http_header_count_module
     to avoid potential ABI breakage and keep all the 3rd party modules
     compatible with the new version of nginx without recompilation.
     A big thanks to Miao Wang for preparing the modification.
     Fixes TEMP-1138794-BADE22.
     * d/p/FIX-HTTP2bomb.patch add
Checksums-Sha1:
 ba829666fa2e74badf41887a69dc02e45ab9d7f6 37160 libnginx-mod-http-geoip-dbgsym_1.26.3-3+deb13u6_i386.deb
 7716c359b933666b014f7c917df25a490833b931 89452 libnginx-mod-http-geoip_1.26.3-3+deb13u6_i386.deb
 8f8775b233efa42b3e5bc8c258e6691d34d35097 44852 libnginx-mod-http-image-filter-dbgsym_1.26.3-3+deb13u6_i386.deb
 e32cb43311727401e71c1f67e48be26756ffa92c 93216 libnginx-mod-http-image-filter_1.26.3-3+deb13u6_i386.deb
 640a24e514297ebecde3747167cad87b70589d7c 104372 libnginx-mod-http-perl-dbgsym_1.26.3-3+deb13u6_i386.deb
 5d9a2b438c459d36ff00c71506c4f8859ab6cf66 102436 libnginx-mod-http-perl_1.26.3-3+deb13u6_i386.deb
 adbd3ef8983708d1b66f3c8181aa27719de37948 53124 libnginx-mod-http-xslt-filter-dbgsym_1.26.3-3+deb13u6_i386.deb
 3f20392f5225523bb8c8619d361789e113eadedf 91848 libnginx-mod-http-xslt-filter_1.26.3-3+deb13u6_i386.deb
 13c64d5ccb63fea4c211a7bf5ad61e4e07acaada 103140 libnginx-mod-mail-dbgsym_1.26.3-3+deb13u6_i386.deb
 c78dc0364847d572e16ee26addb1fb9240a8094e 125764 libnginx-mod-mail_1.26.3-3+deb13u6_i386.deb
 567ed823f007ec97f92049fac43c387a72027c0f 173424 libnginx-mod-stream-dbgsym_1.26.3-3+deb13u6_i386.deb
 763f71a18c33f33324669b74066e18300b9e94e6 23492 libnginx-mod-stream-geoip-dbgsym_1.26.3-3+deb13u6_i386.deb
 830f9fc4f8a4b555477217e3792f14725ac6acc5 88592 libnginx-mod-stream-geoip_1.26.3-3+deb13u6_i386.deb
 dac2e76d25a84b4f735706b12a5d6da527d02584 160004 libnginx-mod-stream_1.26.3-3+deb13u6_i386.deb
 4a58dcab870a6d59e20bc7ef01078ecb17cb915a 1222488 nginx-dbgsym_1.26.3-3+deb13u6_i386.deb
 d24cb58b3383610bf8d2f7d938d732fb01d1cf62 84484 nginx-extras_1.26.3-3+deb13u6_i386.deb
 5a84210973144421613d27b820470fd20a3c1734 13807 nginx_1.26.3-3+deb13u6_i386-buildd.buildinfo
 4cb7299d473cc3ddb91e102ea6ebaa4d69c3e85e 665876 nginx_1.26.3-3+deb13u6_i386.deb
Checksums-Sha256:
 ac99f15a924caaf2445cb21a5cd2efa8325fe6fdb1ae0e43105d05c6cfeb1462 37160 libnginx-mod-http-geoip-dbgsym_1.26.3-3+deb13u6_i386.deb
 4093066547512207760077a1d3ef346b23e35e9c18cfe581c09ffa46fe5ac74d 89452 libnginx-mod-http-geoip_1.26.3-3+deb13u6_i386.deb
 6cf8946de3cea49fd026766927719f032e96b48fc6057a6b7072c377727c5449 44852 libnginx-mod-http-image-filter-dbgsym_1.26.3-3+deb13u6_i386.deb
 6d90a9ca79ef79649cfc5c72076347c57df6c097689f0241391be08f585e896e 93216 libnginx-mod-http-image-filter_1.26.3-3+deb13u6_i386.deb
 c46ddbe975e0788c7a6a6d18a228725f2715679c434210a22f33c8248b0d9dd6 104372 libnginx-mod-http-perl-dbgsym_1.26.3-3+deb13u6_i386.deb
 9d746e9a7dd1399628228055bb970ba2a77ad900394deb0e7e784fb78a1bade7 102436 libnginx-mod-http-perl_1.26.3-3+deb13u6_i386.deb
 bac4b1242467c7d6ad05531e81cdd28a179fb947677e38577181ee0e97b91d28 53124 libnginx-mod-http-xslt-filter-dbgsym_1.26.3-3+deb13u6_i386.deb
 208003b7408345c5dc7eee4f786eba2b43926e2054d6bc2bb3a9af2a203021b7 91848 libnginx-mod-http-xslt-filter_1.26.3-3+deb13u6_i386.deb
 b2c83212cfc8b266db2247b733a67e771f2f2404147328e0f214cad39a83d043 103140 libnginx-mod-mail-dbgsym_1.26.3-3+deb13u6_i386.deb
 d3f5e3efb05e5fc31643ce8d59e9e122ff63104dace4116f72221137712cf3a3 125764 libnginx-mod-mail_1.26.3-3+deb13u6_i386.deb
 8485c82234aa28c5d0e8df8a2483765c09c6e522300579c9a0a94a7b5d284137 173424 libnginx-mod-stream-dbgsym_1.26.3-3+deb13u6_i386.deb
 b2096900d7cd91ae449855e7ab2d66e71c5ce6b202686c2cd4c581b72cf233a3 23492 libnginx-mod-stream-geoip-dbgsym_1.26.3-3+deb13u6_i386.deb
 45a7c567b93d1a55d005045ddce2cf6f5f24ce5b7fa375629771acefeadc73a1 88592 libnginx-mod-stream-geoip_1.26.3-3+deb13u6_i386.deb
 25c2001a84094630a64d9722ef7fe8795b490576f9f159152f814ecf76ec3964 160004 libnginx-mod-stream_1.26.3-3+deb13u6_i386.deb
 94063b9ea584629be2a62835ca448b02221711aeeeb62b30db4d44a90e8ac8d3 1222488 nginx-dbgsym_1.26.3-3+deb13u6_i386.deb
 f9029529bc0f4f0250780a278f0a63431f52b2753e50e0e98e8ab2efaf92d675 84484 nginx-extras_1.26.3-3+deb13u6_i386.deb
 11e9cd141e845eef6b12de5977375ac51e326f21a4db5d3d7c092b89976cdcaa 13807 nginx_1.26.3-3+deb13u6_i386-buildd.buildinfo
 c648721fd039d132255595b369f278ee8181af6329fb875d5fc5cfbec1d7b3d3 665876 nginx_1.26.3-3+deb13u6_i386.deb
Files:
 cc21216448ad9e6c034c827af44f7990 37160 debug optional libnginx-mod-http-geoip-dbgsym_1.26.3-3+deb13u6_i386.deb
 57865f8955ff4752a3cf18eee3570a0a 89452 httpd optional libnginx-mod-http-geoip_1.26.3-3+deb13u6_i386.deb
 a0a4d49e93f48d8bef9d57c9fe6995a0 44852 debug optional libnginx-mod-http-image-filter-dbgsym_1.26.3-3+deb13u6_i386.deb
 c6bf4bbb3bac772ed946fcc8d093dfcf 93216 httpd optional libnginx-mod-http-image-filter_1.26.3-3+deb13u6_i386.deb
 4b9ef21b052adc4f7ee0876fb1e71a6b 104372 debug optional libnginx-mod-http-perl-dbgsym_1.26.3-3+deb13u6_i386.deb
 55a54068970ecdb1aa199d1af00b6f41 102436 httpd optional libnginx-mod-http-perl_1.26.3-3+deb13u6_i386.deb
 d30730cc5c7fa03ad5b72eaac985ed14 53124 debug optional libnginx-mod-http-xslt-filter-dbgsym_1.26.3-3+deb13u6_i386.deb
 d6afe49c237f74192b5f46321315c3b6 91848 httpd optional libnginx-mod-http-xslt-filter_1.26.3-3+deb13u6_i386.deb
 475d55b7762287994b08e215e65eae0c 103140 debug optional libnginx-mod-mail-dbgsym_1.26.3-3+deb13u6_i386.deb
 484fb6b9716e4ca77aa14bb10861e53a 125764 httpd optional libnginx-mod-mail_1.26.3-3+deb13u6_i386.deb
 f65823754c47be85471989699969cef3 173424 debug optional libnginx-mod-stream-dbgsym_1.26.3-3+deb13u6_i386.deb
 41ec9aebf543e6c6e3ec3f00809cce75 23492 debug optional libnginx-mod-stream-geoip-dbgsym_1.26.3-3+deb13u6_i386.deb
 62c4f390b847e69a6665eb074d590988 88592 httpd optional libnginx-mod-stream-geoip_1.26.3-3+deb13u6_i386.deb
 60b45e5db63696c8007622f7765afb82 160004 httpd optional libnginx-mod-stream_1.26.3-3+deb13u6_i386.deb
 68229a96647ff6987fb5fe451672efb2 1222488 debug optional nginx-dbgsym_1.26.3-3+deb13u6_i386.deb
 e6a4e14a3d2beb53006beeda8def3817 84484 httpd optional nginx-extras_1.26.3-3+deb13u6_i386.deb
 907b2cd5e16242458235a4619f26de90 13807 httpd optional nginx_1.26.3-3+deb13u6_i386-buildd.buildinfo
 da14cd06f3838553ba83335952827ce1 665876 httpd optional nginx_1.26.3-3+deb13u6_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmtr4KUMaso2EQ6NrTwt/65ON6zcFAmokM5MACgkQTwt/65ON
6zfoHhAAlpzm5OFD6VS6vxqK7W8U5pmIYt2zT5hKNFMeJYrH1EtNN5S/hAOqg/B8
/IQsWFqPaLpE/1Eu14BWWVx3YgIoOZC0teL7Ixytsjjh/mMSGZBnyU306cYt6Ux0
aqBvdSdBPYGD0NpR1tUItF7n7n9WCfC5Znqx3WSDgXc+OYTZCtqku3LkEFL0tDaN
u2d8Qp1bnW3Z90Wrrxnh3vp4QD3AjS2XBYFkVczfjFQZMNfFU4o/Q1SH2yxSvy1Q
2OYODoFFyCWtmHjY8+mL1KD1oNvdjhU0DO1zNJ26hA8nIEY05msw/eLvZvl9zzNC
cHcy8z0fKjfUmFTLn20EJ3cuQ3WNtW5zOR6+fcDX/vuEOV89kfzIt/G3O9koKBR4
98ia3z0JS751fV1GeGbNDgkPr1AykBax3I2FjTN00SYln7exiFYg3bkDo0uMFvyV
fC1pfBKdT7XCGq9awZkEKP0vBWFSGd5MoXW8EVKe8iQwfM+Dn26nDQgX3I24R/r2
4B8nvjUjkX1QtUcH/OXIhS++stpaxUcNnYsHDs7vnG07xCw3U+1xgbIz0cZwd37O
qEKjmmlKF7Qrfs2RXYWp0+cdv3/mPfv1AlV/jfBsGr8u+EaqAlauKBC01YMIpIhJ
0THcpRpEZ5LuinZ07bYmJ5TIq8x6I9KkoEVj+J2SDXtdQiA6Xn4=
=dg/t
-----END PGP SIGNATURE-----