-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:23:48 +0000
Source: nginx
Binary: libnginx-mod-http-geoip libnginx-mod-http-geoip-dbgsym libnginx-mod-http-image-filter libnginx-mod-http-image-filter-dbgsym libnginx-mod-http-perl libnginx-mod-http-perl-dbgsym libnginx-mod-http-xslt-filter libnginx-mod-http-xslt-filter-dbgsym libnginx-mod-mail libnginx-mod-mail-dbgsym libnginx-mod-stream libnginx-mod-stream-dbgsym libnginx-mod-stream-geoip libnginx-mod-stream-geoip-dbgsym nginx nginx-dbgsym nginx-extras
Architecture: arm64
Version: 1.22.1-9+deb12u8
Distribution: bookworm-security
Urgency: medium
Maintainer: arm64 Build Daemon (arm-ubc-01) <buildd_arm64-arm-ubc-01@buildd.debian.org>
Changed-By: Jan Mojžíš <janmojzis@debian.org>
Description:
 libnginx-mod-http-geoip - GeoIP HTTP module for Nginx
 libnginx-mod-http-image-filter - HTTP image filter module for Nginx
 libnginx-mod-http-perl - Perl module for Nginx
 libnginx-mod-http-xslt-filter - XSLT Transformation module for Nginx
 libnginx-mod-mail - Mail module for Nginx
 libnginx-mod-stream - Stream module for Nginx
 libnginx-mod-stream-geoip - GeoIP Stream module for Nginx
 nginx      - small, powerful, scalable web/proxy server
 nginx-extras - nginx web/proxy server (extended version)
Changes:
 nginx (1.22.1-9+deb12u8) bookworm-security; urgency=medium
 .
   * Apply both patches to fix CVE-2026-42946. In the previous version,
     only one part of the patch was applied, so the fix was incomplete.
     This really fixes CVE-2026-42946, thanks to charles@debian.org for
     pointing it out.
     * d/p/CVE-2026-42946.patch rename to d/p/CVE-2026-42946.2.patch
     * d/p/CVE-2026-42946.1.patch add
   * backport fix for buffer overflow vulnerability in the
     ngx_http_rewrite_module (CVE-2026-9256) from upstream 1.30.2 nginx.
     * d/p/CVE-2026-9256.patch add
   * backport max_headers directive from upstream nginx. It limits the number
     of request headers accepted from clients. Fixes remote denial-of-service
     exploit.
     And move max_headers from core module to the ngx_http_header_count_module
     to avoid potential ABI breakage and keep all the 3rd party modules
     compatible with the new version of nginx without recompilation.
     A big thanks to Miao Wang for preparing the modification.
     Fixes TEMP-1138794-BADE22.
     * d/p/FIX-HTTP2bomb.patch add
Checksums-Sha1:
 f8dda7fa2fdafb02b699d635dc6a67498d64070a 36824 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_arm64.deb
 df7ce7a15abba49d97f4e187218156907401a0bc 85768 libnginx-mod-http-geoip_1.22.1-9+deb12u8_arm64.deb
 27bb8aca1a2fbad7dcc540f17c75fef488016674 43756 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_arm64.deb
 3fd47b568305b8155f585c7b7a1e981952085dc0 89152 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_arm64.deb
 80a2b19b9833cc6f423b36bb5e7273ebe54b9653 98532 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_arm64.deb
 98fa31c4a45ceadccaf3ebc8a01564b81d08361d 96908 libnginx-mod-http-perl_1.22.1-9+deb12u8_arm64.deb
 0f557ae5b4ed7b5486e6a52e3f1517910d68ddc6 53212 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_arm64.deb
 fb13f18f52d94ee350b81beb4a0ae41ad923ac77 87780 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_arm64.deb
 e09d2cd4cd61fdcdb4b1f18cbf3eb69db24c6af3 104576 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_arm64.deb
 eb4beed6bf94e6c50cfe9ef2b3e84b5bd24d19e7 117544 libnginx-mod-mail_1.22.1-9+deb12u8_arm64.deb
 1c4b9be03524ccf26079cf70d7377030b820cbf7 168608 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_arm64.deb
 0f605abbd926e4388b26c37c7fb5b05c7f093c1c 22600 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_arm64.deb
 39f640cc764f33e694bc9d28e4e387ac53fc4fb4 84972 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_arm64.deb
 cf55df759bff77af8b2ad9867b97847c79387e29 141016 libnginx-mod-stream_1.22.1-9+deb12u8_arm64.deb
 30f9b5ac976bd4e5dc2bbd92fc61fba2ce7e1006 1094876 nginx-dbgsym_1.22.1-9+deb12u8_arm64.deb
 a22e6c6857b1ba49d02a5d213db87c39e860083f 81336 nginx-extras_1.22.1-9+deb12u8_arm64.deb
 f2a53056cc60e796691031ad9a569161163ee1d6 14279 nginx_1.22.1-9+deb12u8_arm64-buildd.buildinfo
 43ea61f3f30308ccc8db51f77d846b275733595b 495888 nginx_1.22.1-9+deb12u8_arm64.deb
Checksums-Sha256:
 af5e8b9c8ac8986b3a4e1dd33a7fe35184dcac8ec13087448057830ce0a8e3d1 36824 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_arm64.deb
 2d37c8ab4f76a8e6cd7fb7fc80afe6c2f457c4c0b9225b3e3230682a4b8ba090 85768 libnginx-mod-http-geoip_1.22.1-9+deb12u8_arm64.deb
 68e082cf0abe97982b4524c5603bc04656119dd2cf8829737f12c4c9c8671221 43756 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_arm64.deb
 a557d84f783899f142d6d4f82d454903d94409a45e819cc50e8aeb424843d9d8 89152 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_arm64.deb
 8ea0f07fb3182b5f30c190c6b3218c4820e2d0a02c28c0b66e364adb825ad469 98532 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_arm64.deb
 a2549fee53813adb00f4150ba1a152b1ae2eb023f02feda024d1cbe23bea9237 96908 libnginx-mod-http-perl_1.22.1-9+deb12u8_arm64.deb
 46e42a12dfc5f87591b9af0262b4dd2a216ec3fc107e21b066443178cd528fc0 53212 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_arm64.deb
 8da2b821e016d8236a2c48f2a8da3cf3f1b2b16f8eae7b9c9537499b1b1eb677 87780 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_arm64.deb
 049b3e4accf9bb3821a99b36e545756f6d34373b64077b03b69638b82ffae9dc 104576 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_arm64.deb
 e7542bf167c4adbd5d12d90f89131a18d7b20f491779c7bcac44feccbdb246fa 117544 libnginx-mod-mail_1.22.1-9+deb12u8_arm64.deb
 e9ed61a49a9e69b22585936fe166a29326c1b6e34a8d823889851148c9d45479 168608 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_arm64.deb
 529f74b029252f0bf42ad21c60d7cf1a94bf9799037fbe4480a254b57ba5a978 22600 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_arm64.deb
 3278ccb541279cd4c1520e5740668a6ae74efd2c3817e8b6b669da930853ea81 84972 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_arm64.deb
 c6074bf2bf2bef686d5ffd36fa82c7292a92e26fa02055424d8fef2608610b8a 141016 libnginx-mod-stream_1.22.1-9+deb12u8_arm64.deb
 f097556037232f68e05f58d57c26beae8e7b5dbab9e16f023e6c87ebed465d90 1094876 nginx-dbgsym_1.22.1-9+deb12u8_arm64.deb
 147018974b53f513c07aae8088472deef3f4b1f2d4052800a1dfd180fec5f38a 81336 nginx-extras_1.22.1-9+deb12u8_arm64.deb
 aa4d892b1110b1ab127fcfa0eabef46a9584497eb566f6f80a175e42610315ac 14279 nginx_1.22.1-9+deb12u8_arm64-buildd.buildinfo
 0541de96fc863020040aaf87a31e7342d4fbf201f5d6c828eff7dd39e1c11409 495888 nginx_1.22.1-9+deb12u8_arm64.deb
Files:
 983947050ddee32b732480afb36289a0 36824 debug optional libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_arm64.deb
 0d748d8f490b4f05ce43707dfb9b8c9b 85768 httpd optional libnginx-mod-http-geoip_1.22.1-9+deb12u8_arm64.deb
 5d735fa69b5fc8b45794aa5255dddbe5 43756 debug optional libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_arm64.deb
 4ac162d2a07a5900b36b1bdd6aacad2d 89152 httpd optional libnginx-mod-http-image-filter_1.22.1-9+deb12u8_arm64.deb
 2dcd023ec02d5850675ccbb1c14f8085 98532 debug optional libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_arm64.deb
 d15326fe48b6b6070cf4a3cf6258de18 96908 httpd optional libnginx-mod-http-perl_1.22.1-9+deb12u8_arm64.deb
 3faac9cb8977ad807b2bab1c2cd45151 53212 debug optional libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_arm64.deb
 79a6cc6847c4b4710af97b010a3866dc 87780 httpd optional libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_arm64.deb
 2974ea8265c2d303ce8d14390e05d193 104576 debug optional libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_arm64.deb
 2ac60e113981a446adfc9c682bec3925 117544 httpd optional libnginx-mod-mail_1.22.1-9+deb12u8_arm64.deb
 39f88def2810cb94226b61db0022b4e2 168608 debug optional libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_arm64.deb
 f46332e2233692b8cad74ff7b3038e1a 22600 debug optional libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_arm64.deb
 8375a07411e88547962fb8bb07cc522a 84972 httpd optional libnginx-mod-stream-geoip_1.22.1-9+deb12u8_arm64.deb
 fa7006e3679155b8755d94493f1edb47 141016 httpd optional libnginx-mod-stream_1.22.1-9+deb12u8_arm64.deb
 2c84185357bd032735d07b77706d90d9 1094876 debug optional nginx-dbgsym_1.22.1-9+deb12u8_arm64.deb
 ee89d30ad3f9777a24865877f8f641d0 81336 httpd optional nginx-extras_1.22.1-9+deb12u8_arm64.deb
 c8a3316cd0a4cc1c8ba39a878c94f93f 14279 httpd optional nginx_1.22.1-9+deb12u8_arm64-buildd.buildinfo
 bd35e1f6445104131a010ffca8d0f259 495888 httpd optional nginx_1.22.1-9+deb12u8_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0Ha//LlsGOpbQ/H4xqCFmsOWgoYFAmokMzAACgkQxqCFmsOW
goaZhg/+K9lqw6G2H3Vob5OT1b1zlf3Ww1JoOZAbQ9b65Itk8G0iLin1FBXAJFSE
aI2VNKC1RoF4eVW2CFCI7+RIBDvlLpMlk1KfBcGUFyPX8o8jx4rDK25qqfsO6DCu
FQTCHsQFJOGz2UTf8Viajk0uDfrUdiQYFZeLgRHvrkY5fW84Vq0Jyn/5ndFhu9wL
RlLbxdoyp8t4uZYqd11UQ7hA/7JfqEnP23pDI79GTztIoU8TdwkGo7UHrajYFjlk
C9nY1OUalgxXHqG8MGz+w/RMbGbpg5MNd3TVM2eFBzHSuFmybuDtPOXWBIYZL4Np
+ACiX4xzDvYDR+2PjINcMUQJCeS4cnfrNf+v0x6ihs65BoQYhISfqQoZhvMcdKiT
8aXQlDNUrjNblXEfXQTk6zWTfvOMOBFtZfAwd9gkcCZ/IzDT+AzjHVlinpx22mpr
c7ZUM0PJCONJepypw/ZQfJ97uIS8v0DeyhQkNw/aKodPikNHu7vrL/BKDJuyXCQl
3eY+anyJly5yes0jIQLUgatM4Y5BcB2nRFtwJRprjwDMnv7dZlmhBZ6E2d3nrm7L
7uXCZUFLjMt02yBc80FyYZchdxekQ3U+4Y1UjFiAQ285noxjgdpqpIGAQ46AaWJG
gx+QtNtKcq5x4qHvebL1qF4/3sud4xEtYZUjaxzLFtid6pYYua4=
=X4Tt
-----END PGP SIGNATURE-----