-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:22:02 +0000
Source: nginx
Binary: libnginx-mod-http-geoip libnginx-mod-http-geoip-dbgsym libnginx-mod-http-image-filter libnginx-mod-http-image-filter-dbgsym libnginx-mod-http-perl libnginx-mod-http-perl-dbgsym libnginx-mod-http-xslt-filter libnginx-mod-http-xslt-filter-dbgsym libnginx-mod-mail libnginx-mod-mail-dbgsym libnginx-mod-stream libnginx-mod-stream-dbgsym libnginx-mod-stream-geoip libnginx-mod-stream-geoip-dbgsym nginx nginx-dbgsym nginx-extras
Architecture: ppc64el
Version: 1.26.3-3+deb13u6
Distribution: trixie-security
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-conova-02) <buildd_ppc64el-ppc64el-conova-02@buildd.debian.org>
Changed-By: Jan Mojžíš <janmojzis@debian.org>
Description:
 libnginx-mod-http-geoip - GeoIP HTTP module for Nginx
 libnginx-mod-http-image-filter - HTTP image filter module for Nginx
 libnginx-mod-http-perl - Perl module for Nginx
 libnginx-mod-http-xslt-filter - XSLT Transformation module for Nginx
 libnginx-mod-mail - Mail module for Nginx
 libnginx-mod-stream - Stream module for Nginx
 libnginx-mod-stream-geoip - GeoIP Stream module for Nginx
 nginx      - small, powerful, scalable web/proxy server
 nginx-extras - nginx web/proxy server (extended version)
Changes:
 nginx (1.26.3-3+deb13u6) trixie-security; urgency=medium
 .
   * Apply both patches to fix CVE-2026-42946. In the previous version,
     only one part of the patch was applied, so the fix was incomplete.
     This really fixes CVE-2026-42946, thanks to charles@debian.org for
     pointing it out.
     * d/p/CVE-2026-42946.patch rename to d/p/CVE-2026-42946.2.patch
     * d/p/CVE-2026-42946.1.patch add
   * backport fix for buffer overflow vulnerability in the
     ngx_http_rewrite_module (CVE-2026-9256) from upstream 1.30.2 nginx.
     * d/p/CVE-2026-9256.patch add
   * backport max_headers directive from upstream nginx. It limits the number
     of request headers accepted from clients. Fixes remote denial-of-service
     exploit.
     And move max_headers from core module to the ngx_http_header_count_module
     to avoid potential ABI breakage and keep all the 3rd party modules
     compatible with the new version of nginx without recompilation.
     A big thanks to Miao Wang for preparing the modification.
     Fixes TEMP-1138794-BADE22.
     * d/p/FIX-HTTP2bomb.patch add
Checksums-Sha1:
 af73b4025b756f76f339c2a73c037ea494b5f23c 38456 libnginx-mod-http-geoip-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 ada5281645ebf9220ca06a84d01f99c3ad2ce4cc 89740 libnginx-mod-http-geoip_1.26.3-3+deb13u6_ppc64el.deb
 3affb16b79feb3935ee771d9d04d8bc30488b23a 46672 libnginx-mod-http-image-filter-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 becb894116a376459bca56eda66f828a5608283e 93604 libnginx-mod-http-image-filter_1.26.3-3+deb13u6_ppc64el.deb
 1468307d5cfecb0548a91c99095f3eda2016ea91 109828 libnginx-mod-http-perl-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 5592755a0c79f2f7fdf963e63ecef4ea679a571b 102108 libnginx-mod-http-perl_1.26.3-3+deb13u6_ppc64el.deb
 850fc9e1ec9426287aee8dec9b720ef5ec6b24aa 55008 libnginx-mod-http-xslt-filter-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 4b2e154b5b116013597833477922c6e3e91d9b27 92332 libnginx-mod-http-xslt-filter_1.26.3-3+deb13u6_ppc64el.deb
 2cb4f53a33d0d1f05f5c87199137fe49f99056e3 108276 libnginx-mod-mail-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 430be19c3b74a3fc4bdc27095580129d2fe1968f 126332 libnginx-mod-mail_1.26.3-3+deb13u6_ppc64el.deb
 b6619225355a41d3088d686e28efc44c336b3813 192884 libnginx-mod-stream-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 e0333eeea96b1ca5685009c6a836ebaf1f4b6436 24300 libnginx-mod-stream-geoip-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 7bfa9bd17a3f3e4144dc8ff87b737c0e82f0767b 88884 libnginx-mod-stream-geoip_1.26.3-3+deb13u6_ppc64el.deb
 5e25655162c8c0f3f642ebcfbf752758b356798f 162588 libnginx-mod-stream_1.26.3-3+deb13u6_ppc64el.deb
 bc29153ea5140d1df3f38e46304667e4932510de 1388684 nginx-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 7cf63b1574d94d077797f421f8682bd61f9e3b8d 84480 nginx-extras_1.26.3-3+deb13u6_ppc64el.deb
 dc2522ebc15c52c273c980e277e43920b3865da1 14040 nginx_1.26.3-3+deb13u6_ppc64el-buildd.buildinfo
 40c77d5b05526c62847952ef4d8fd22d3ea676c9 653892 nginx_1.26.3-3+deb13u6_ppc64el.deb
Checksums-Sha256:
 38e4f5ddd3caa9de66cc5ddf52151074182bc69d008faedea71e551d862ec1a7 38456 libnginx-mod-http-geoip-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 f01251e3a73970e577e77d43939fa21f81a3eecece7029644a8a404a0df66c58 89740 libnginx-mod-http-geoip_1.26.3-3+deb13u6_ppc64el.deb
 82095cc7999a2b84a8b2e70ef6af2b6c8b0753e04b361814391309f10ff1d295 46672 libnginx-mod-http-image-filter-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 31d98de62add1f06a004a0245ef0421880d911c8621f0b2c18fd7469d7b90f63 93604 libnginx-mod-http-image-filter_1.26.3-3+deb13u6_ppc64el.deb
 870fca96fdda4748eb017b38c50e458bfc3132f0ddc22b6665fc15f9de253788 109828 libnginx-mod-http-perl-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 1523158068fd657cd04fcab0d55d56a2b20f43194940f0871ed2f570db4c2e5b 102108 libnginx-mod-http-perl_1.26.3-3+deb13u6_ppc64el.deb
 6c5e622b833229290f34d7b514a9853f4e0a038bcedcefd423402d2f6e47b80b 55008 libnginx-mod-http-xslt-filter-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 c2bb5fe283d90cdc3572c710e86265b4a0a6a76c2f31e81c7b4191a8eab6d94b 92332 libnginx-mod-http-xslt-filter_1.26.3-3+deb13u6_ppc64el.deb
 a1ceb110583aa625eea59cc4e264a7865c4e981ab4b4107cba95e957644e2f5d 108276 libnginx-mod-mail-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 913bba2b728a5cf272e40da09985fba6ce02579e27ff0c2512f5007beff1214a 126332 libnginx-mod-mail_1.26.3-3+deb13u6_ppc64el.deb
 9952a9feb9e93d09f2d6b8183657d92c0ff9692d7fcc67609ab8fb8d1d0dfc30 192884 libnginx-mod-stream-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 e6b6c5dc25edda4dd4e01afdbdc778334a635f059cd912fc209bd4c268754e58 24300 libnginx-mod-stream-geoip-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 076a84a7f12cfbdb7e9aee19674f7057a86c02cbb4c23cc1c042f0a58d8d6bba 88884 libnginx-mod-stream-geoip_1.26.3-3+deb13u6_ppc64el.deb
 0006169fb8f2ca4330d512c8060bdfb9815e0792a107d37125176127dd3e84c4 162588 libnginx-mod-stream_1.26.3-3+deb13u6_ppc64el.deb
 2d119dd8a0b6804a68a938960519ac741527cffc382af9495c4170b0d0c4ad1b 1388684 nginx-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 e25a36139f6291929303177b67ed84fcedbc1de7ec686496df5972ce9f2e16c5 84480 nginx-extras_1.26.3-3+deb13u6_ppc64el.deb
 5eeedc7f581ae2b01156a7a210cea255c6b2a5251abe801a9b7ea06e2d3fa6d6 14040 nginx_1.26.3-3+deb13u6_ppc64el-buildd.buildinfo
 7cf9f787f56f7d641ac0d3c1cb1e39a0dc8a8378d47c867b3af147b7a0eafd8b 653892 nginx_1.26.3-3+deb13u6_ppc64el.deb
Files:
 22bdbb86c98679d8dc73d08cc8c3a83a 38456 debug optional libnginx-mod-http-geoip-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 db4db691f2e432affb5513f021f92c32 89740 httpd optional libnginx-mod-http-geoip_1.26.3-3+deb13u6_ppc64el.deb
 2415ce92cf109f98329da2ac1973c49d 46672 debug optional libnginx-mod-http-image-filter-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 847ecc47afad155a18e61a8d372f247b 93604 httpd optional libnginx-mod-http-image-filter_1.26.3-3+deb13u6_ppc64el.deb
 ad10956b92ef3403dd8439f88d3a2cbd 109828 debug optional libnginx-mod-http-perl-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 7aa0ad5b166932985858b68864a0a34a 102108 httpd optional libnginx-mod-http-perl_1.26.3-3+deb13u6_ppc64el.deb
 b83e523d1226823f6b691818039008dd 55008 debug optional libnginx-mod-http-xslt-filter-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 be59e0b1bf98f77555037939af4d71af 92332 httpd optional libnginx-mod-http-xslt-filter_1.26.3-3+deb13u6_ppc64el.deb
 073860a5dfdc58409ecb5f91c4ef903b 108276 debug optional libnginx-mod-mail-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 e0d47c103fca4ad23681cbcd9a9e28a8 126332 httpd optional libnginx-mod-mail_1.26.3-3+deb13u6_ppc64el.deb
 a0ba448eb55475f063fafbec33a0f8c1 192884 debug optional libnginx-mod-stream-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 eea0a0d198910cb5530dd1819ca76272 24300 debug optional libnginx-mod-stream-geoip-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 1c57a11c3bfc0120b169734176366a33 88884 httpd optional libnginx-mod-stream-geoip_1.26.3-3+deb13u6_ppc64el.deb
 62612e12365f2607d104e9f687902572 162588 httpd optional libnginx-mod-stream_1.26.3-3+deb13u6_ppc64el.deb
 51f362d973ed95588d19d1954292e2c3 1388684 debug optional nginx-dbgsym_1.26.3-3+deb13u6_ppc64el.deb
 4ad4f9d023ceeeb951fe289d8120f56f 84480 httpd optional nginx-extras_1.26.3-3+deb13u6_ppc64el.deb
 c7e97e780a6d9e32c6672846914fb2f9 14040 httpd optional nginx_1.26.3-3+deb13u6_ppc64el-buildd.buildinfo
 1a849c4bcbd1546aa65632433f7670a8 653892 httpd optional nginx_1.26.3-3+deb13u6_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEySUEQfg5pZeb/U372FRWNm40e2YFAmokM2cACgkQ2FRWNm40
e2bfKg//cgIGMZjlHmtLuA60snwPoPkTDnpoFDD35nLsCIO8y3vMZe3uZOV6kQp6
4dFrsouPXlQwHZJm0Jg0VCkDqJHPJJwaoHRf7C1904Jhj2qp5D+7XcCVCYMswSAX
kKdC5poFWBiBluCDOH4CXSW+y9pIirMqwofC5r0uC5LgpA7WVOSUIMeYID90gHWe
qhTdQcGyAC9KQ9jw1UarF9gyLiTg7o4fLZ2qlEhg1cEByWGhbFVZF61HgGt7Aevr
bBcKrjvmotKfDga6+ZzSF++ibK5W+DiLlK/LbqKyymr3RdAc613AWjy541ySa6q3
2Vx2w5+z98PG4BKkWfYFo5HThWkRypoalrVxV1d3MnPUYPTHC5okAjZ1Ezjwspzq
/T7C5jZHLKa74WcmMX8GUo3HseWTIchFJkuB4zPpe31/0HCLRdpH81NeLW16rx0r
DMvATtdjXtbDdxBOh3ZVnaoXDCkL03x+7Hlj73rormzRDavjdcgKhjZj2CcVHUik
V+zmIDrA1IrHm1uAyXjYMDb46Cs6cR18q9PWvBpl8GXzA232c3w+e5IMe/88fBo7
HaDw06jkYxN1VVrI2tkUcFfWbpLYUvYS92l/W1ZO9PZjC0HhV9hZqfD0LPDzyS+P
5aKzB0ZpuVkeN1GMIyvUHDG7kLaHJJHDPV38/GaBrKOob+2U2no=
=8pVp
-----END PGP SIGNATURE-----