-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:23:48 +0000
Source: nginx
Binary: libnginx-mod-http-geoip libnginx-mod-http-geoip-dbgsym libnginx-mod-http-image-filter libnginx-mod-http-image-filter-dbgsym libnginx-mod-http-perl libnginx-mod-http-perl-dbgsym libnginx-mod-http-xslt-filter libnginx-mod-http-xslt-filter-dbgsym libnginx-mod-mail libnginx-mod-mail-dbgsym libnginx-mod-stream libnginx-mod-stream-dbgsym libnginx-mod-stream-geoip libnginx-mod-stream-geoip-dbgsym nginx nginx-dbgsym nginx-extras
Architecture: armhf
Version: 1.22.1-9+deb12u8
Distribution: bookworm-security
Urgency: medium
Maintainer: armhf Build Daemon (arm-ubc-05) <buildd_arm64-arm-ubc-05@buildd.debian.org>
Changed-By: Jan Mojžíš <janmojzis@debian.org>
Description:
 libnginx-mod-http-geoip - GeoIP HTTP module for Nginx
 libnginx-mod-http-image-filter - HTTP image filter module for Nginx
 libnginx-mod-http-perl - Perl module for Nginx
 libnginx-mod-http-xslt-filter - XSLT Transformation module for Nginx
 libnginx-mod-mail - Mail module for Nginx
 libnginx-mod-stream - Stream module for Nginx
 libnginx-mod-stream-geoip - GeoIP Stream module for Nginx
 nginx      - small, powerful, scalable web/proxy server
 nginx-extras - nginx web/proxy server (extended version)
Changes:
 nginx (1.22.1-9+deb12u8) bookworm-security; urgency=medium
 .
   * Apply both patches to fix CVE-2026-42946. In the previous version,
     only one part of the patch was applied, so the fix was incomplete.
     This really fixes CVE-2026-42946, thanks to charles@debian.org for
     pointing it out.
     * d/p/CVE-2026-42946.patch rename to d/p/CVE-2026-42946.2.patch
     * d/p/CVE-2026-42946.1.patch add
   * backport fix for buffer overflow vulnerability in the
     ngx_http_rewrite_module (CVE-2026-9256) from upstream 1.30.2 nginx.
     * d/p/CVE-2026-9256.patch add
   * backport max_headers directive from upstream nginx. It limits the number
     of request headers accepted from clients. Fixes remote denial-of-service
     exploit.
     And move max_headers from core module to the ngx_http_header_count_module
     to avoid potential ABI breakage and keep all the 3rd party modules
     compatible with the new version of nginx without recompilation.
     A big thanks to Miao Wang for preparing the modification.
     Fixes TEMP-1138794-BADE22.
     * d/p/FIX-HTTP2bomb.patch add
Checksums-Sha1:
 a8c92ef2174d57c1be68d2609ba64d58e18f3421 36888 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_armhf.deb
 3f29ea801c67d75468caa172505ce2268f01e618 84996 libnginx-mod-http-geoip_1.22.1-9+deb12u8_armhf.deb
 dd27ecda361db7135c03206d97830307a81f811f 44276 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_armhf.deb
 af866c3c6d520bf74eca84ef9f61426796b44b00 88380 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_armhf.deb
 bbfce22d21d1bb3e0c13b63e9b061a6a11bd34d8 98696 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_armhf.deb
 ea632f82be929dddf6b3949c01d0fd024f22f825 95204 libnginx-mod-http-perl_1.22.1-9+deb12u8_armhf.deb
 93a35505878c2ffbe55c93d937673f77e97b530f 53136 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_armhf.deb
 a7ffddf283b202a09a7b6e4fa729d8a42bf71e1a 86824 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_armhf.deb
 a5cb9ffe48137dc319bc68acc1c06c64cc213d09 110132 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_armhf.deb
 1ba49dc78a8a0c6b0af0a655f3cc884424b51208 115428 libnginx-mod-mail_1.22.1-9+deb12u8_armhf.deb
 6e7c6a89e117757c15021a915806e28b36cb865a 175428 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_armhf.deb
 18093d5a6f6b612968fdf47ab6e083f658fbcbae 22724 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_armhf.deb
 d9aeadb982e880b2f0465598dab03bcbb44401de 84360 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_armhf.deb
 4b545603ad9ca0d6ac0ac53d7156a9a2f667933e 135376 libnginx-mod-stream_1.22.1-9+deb12u8_armhf.deb
 f67494ef010012c5b7446a53af107098fa07a160 1119372 nginx-dbgsym_1.22.1-9+deb12u8_armhf.deb
 f9d1bd3c2f28ff6dda2dc74a00f42529ce702785 81336 nginx-extras_1.22.1-9+deb12u8_armhf.deb
 437e555429659c7e25383e7b3e46c1528a27c04f 14099 nginx_1.22.1-9+deb12u8_armhf-buildd.buildinfo
 f4850b8353e8d3e84b4477a2d1d9eb39eaf404aa 473044 nginx_1.22.1-9+deb12u8_armhf.deb
Checksums-Sha256:
 b86e976c75ff84c94cbfacc4491cdf8065a5c7004c053dbc45a1dd3fd7c57dda 36888 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_armhf.deb
 ece4a4dcde2b8d046d40940d8bef8aa223e00b586d55d3d525ed3241e897d6d4 84996 libnginx-mod-http-geoip_1.22.1-9+deb12u8_armhf.deb
 1e59f232d8ad54a4fac4e2f7326199693c2c4540cbf5218bb4e420ba352eda10 44276 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_armhf.deb
 05b775b404b20d70d1c3ec6636baabec46c74cf5544da80c69acff0445908ba7 88380 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_armhf.deb
 cb0e2bb0bf5d14e6d1d67d5a3dd9f76077ac0f3a388dcfea4526a8543b60f70e 98696 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_armhf.deb
 429f5c9a4289a05dad5fc020c10b49f33c7f77bf253b055247307c106a413b25 95204 libnginx-mod-http-perl_1.22.1-9+deb12u8_armhf.deb
 70decf9ee74467ebee42919a6660ba792bd6b8fd3c5c24f5991d684f522a0a11 53136 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_armhf.deb
 f0c4be7bd4dc2f7e7244293dfc25ad0e164a43ee21f1b7c7df35d9aa1e3bfa98 86824 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_armhf.deb
 7e13671e097449045f0b04d977829db856e0603e6a6091427b56d0959e04357d 110132 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_armhf.deb
 ff98b67286aad1453e9f8bf3af3e92c726b5db8a56ca4e8d7709ab1f79c73b5d 115428 libnginx-mod-mail_1.22.1-9+deb12u8_armhf.deb
 d4d1e8ad5ee53e70a6952a38ee70b6033b736ad8e18a38d00d37239e4ce85048 175428 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_armhf.deb
 21bed8943c2901ade2705474a2b487310b15b4463ac319eaff9362defa9cf4eb 22724 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_armhf.deb
 da54a4cdcb38640ae73203663840f8d6090794e615cd777506ead2e4de4908d2 84360 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_armhf.deb
 bedadc9f2957b6ed1d8a03fe4b7c62c5efa77b87e25be71016a042d3e7f46cbb 135376 libnginx-mod-stream_1.22.1-9+deb12u8_armhf.deb
 6ac91b270fa88dfde44a3815db02d441101968144eda1644682e44dad3f7e07a 1119372 nginx-dbgsym_1.22.1-9+deb12u8_armhf.deb
 e7e2eeea954e40c4ec4bbc005950eae4f3ae0f9598f4a75d0974ea038d16e270 81336 nginx-extras_1.22.1-9+deb12u8_armhf.deb
 41162f0a8880abd1361dae6c78fdb5cb189182e6bd1092313392332a31e65281 14099 nginx_1.22.1-9+deb12u8_armhf-buildd.buildinfo
 33806a777d46e34dfa03b0b5d8212b2f080fbc2c0091801420b0d284d3ca729a 473044 nginx_1.22.1-9+deb12u8_armhf.deb
Files:
 551f0d7240dd4733972f811df3d823dc 36888 debug optional libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_armhf.deb
 4af72b9dc0326d7d3fc3c3fd5f0cc234 84996 httpd optional libnginx-mod-http-geoip_1.22.1-9+deb12u8_armhf.deb
 4bdc1541b82074aaf10f092c5299507c 44276 debug optional libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_armhf.deb
 8ec13714e15401a6fc07e95db7599ca4 88380 httpd optional libnginx-mod-http-image-filter_1.22.1-9+deb12u8_armhf.deb
 3e8d90b3fa6163440395f766dae53a9e 98696 debug optional libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_armhf.deb
 3400279c25b5581089e41a9f47510e21 95204 httpd optional libnginx-mod-http-perl_1.22.1-9+deb12u8_armhf.deb
 bec7dd3189eb0849c3f85ed9b19662b4 53136 debug optional libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_armhf.deb
 69d3205d5a79ade025d9b0c27d855bd3 86824 httpd optional libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_armhf.deb
 be4c3f077896f48c5fadbf57a2f4630f 110132 debug optional libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_armhf.deb
 bfb42d3e4d4c8ed7dcb60de78447ef5c 115428 httpd optional libnginx-mod-mail_1.22.1-9+deb12u8_armhf.deb
 1b1bc89f241ba22362001c655226efd7 175428 debug optional libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_armhf.deb
 46d9e9b181fed447a50f62670ee498b7 22724 debug optional libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_armhf.deb
 14bb2cec472dae7f8bdf1966e1899790 84360 httpd optional libnginx-mod-stream-geoip_1.22.1-9+deb12u8_armhf.deb
 0e0d523d7d28be97fac753dd7153da6b 135376 httpd optional libnginx-mod-stream_1.22.1-9+deb12u8_armhf.deb
 7173ffcec8288aabbc3863282d63142d 1119372 debug optional nginx-dbgsym_1.22.1-9+deb12u8_armhf.deb
 3847f440fe99d1ca8bfecdaa2df29c09 81336 httpd optional nginx-extras_1.22.1-9+deb12u8_armhf.deb
 dd2d8cc3a2893e3089525ecfa56d1bd6 14099 httpd optional nginx_1.22.1-9+deb12u8_armhf-buildd.buildinfo
 374323b0b45ff0d15bacd727ecd44cdc 473044 httpd optional nginx_1.22.1-9+deb12u8_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7rv+l3KtZdQea77lnwznazfjXToFAmokMz0ACgkQnwznazfj
XTqsOBAA2mpvQ9sebQrkdl7UC3vl5s0o5YS8VsJSsmetKmN8rfJdyban4QNO+Lil
309V492Iv1GNRt9NY3OzrZAX1cOg3Z8I9ITflF38VZXQJUsgyIh6JXGV9Z0hsTZL
VUYvp+mr4JkFzPGAGpUZfx6+dQyPRzjidsLD21DftW586YObBGmLhm7f+YErkdBY
r4cJ6/nbMFAwyfxvq9gHgiF2Ju0/ZSLB6I2qLpoJHkFQtlspeJ7O1mbjFabZN6pl
oaAv/ILllDDsYRpPZAHIPwe2xmzBTeyLlAG12aGKdWZJ4cT0PTuYnSaK4Mrpo4GZ
dHnFguImqWL9fMVGThOvbqbKZY7V2TnWxj+9BnRfAH9b0fKkR0gJQUai8fRTZwqe
3b3fm4EKrrgDg67kp7186v2C4Kxq46ZPdGnF57BhJmxo+5UqYQZL6ftISn4KMAKP
iolUyymqgffmMr2bfJHoA20Mjh9rtYBwKj2C0pHpHMaIvmda23rC3WvgyOgnLsS3
lVOFKZ19vJBXj7j78gINWtoHHhyZon1jzSr9Hp00SpYf8DT+eB6hpDKLFrKUIc+r
PtBaPtMYQmbaOX1zDtS4GNC6f0PYf5BWyoKkCD9ptnGoS50Xn0KJB8ptdbDvOJuY
WRN2S7VBuyJsJSY8w7g74LU6PXc2wCgshChKpCeBzjQtG5vuRME=
=0cnh
-----END PGP SIGNATURE-----