-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:23:48 +0000
Source: nginx
Binary: libnginx-mod-http-geoip libnginx-mod-http-geoip-dbgsym libnginx-mod-http-image-filter libnginx-mod-http-image-filter-dbgsym libnginx-mod-http-perl libnginx-mod-http-perl-dbgsym libnginx-mod-http-xslt-filter libnginx-mod-http-xslt-filter-dbgsym libnginx-mod-mail libnginx-mod-mail-dbgsym libnginx-mod-stream libnginx-mod-stream-dbgsym libnginx-mod-stream-geoip libnginx-mod-stream-geoip-dbgsym nginx nginx-dbgsym nginx-extras
Architecture: mips64el
Version: 1.22.1-9+deb12u8
Distribution: bookworm-security
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-04) <buildd_mips64el-mipsel-osuosl-04@buildd.debian.org>
Changed-By: Jan Mojžíš <janmojzis@debian.org>
Description:
 libnginx-mod-http-geoip - GeoIP HTTP module for Nginx
 libnginx-mod-http-image-filter - HTTP image filter module for Nginx
 libnginx-mod-http-perl - Perl module for Nginx
 libnginx-mod-http-xslt-filter - XSLT Transformation module for Nginx
 libnginx-mod-mail - Mail module for Nginx
 libnginx-mod-stream - Stream module for Nginx
 libnginx-mod-stream-geoip - GeoIP Stream module for Nginx
 nginx      - small, powerful, scalable web/proxy server
 nginx-extras - nginx web/proxy server (extended version)
Changes:
 nginx (1.22.1-9+deb12u8) bookworm-security; urgency=medium
 .
   * Apply both patches to fix CVE-2026-42946. In the previous version,
     only one part of the patch was applied, so the fix was incomplete.
     This really fixes CVE-2026-42946, thanks to charles@debian.org for
     pointing it out.
     * d/p/CVE-2026-42946.patch rename to d/p/CVE-2026-42946.2.patch
     * d/p/CVE-2026-42946.1.patch add
   * backport fix for buffer overflow vulnerability in the
     ngx_http_rewrite_module (CVE-2026-9256) from upstream 1.30.2 nginx.
     * d/p/CVE-2026-9256.patch add
   * backport max_headers directive from upstream nginx. It limits the number
     of request headers accepted from clients. Fixes remote denial-of-service
     exploit.
     And move max_headers from core module to the ngx_http_header_count_module
     to avoid potential ABI breakage and keep all the 3rd party modules
     compatible with the new version of nginx without recompilation.
     A big thanks to Miao Wang for preparing the modification.
     Fixes TEMP-1138794-BADE22.
     * d/p/FIX-HTTP2bomb.patch add
Checksums-Sha1:
 ed5a53fac18e972b9ec692b946e9d8037adfeaaf 37540 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 2ad2d135adf488169f9bc484197c4587437299cf 85696 libnginx-mod-http-geoip_1.22.1-9+deb12u8_mips64el.deb
 2a061c95a7ab7a1ba65c4aa29b6c272588e284cd 44612 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 5e00b958c026468efe74f3fcb870d0676a0c4b2f 88852 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_mips64el.deb
 3fb4b82a1b83f965e5dde515e6f97e982eee26d6 101100 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 27ef1eb6313cfb965a065b94df41ccf9d00d07cc 96100 libnginx-mod-http-perl_1.22.1-9+deb12u8_mips64el.deb
 ccb2f8a23ccc3eda4bf2a7d4b190e7ad30bd1bf6 53964 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 cec76e8ff2e71df13ea22165d61c7a9baf238877 87472 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_mips64el.deb
 de4872ee3c806ae3a29faf7f87f781abef8f8aac 109112 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 4aa85c47a27852eb8f86f839ed2c1e6643bbccc2 116140 libnginx-mod-mail_1.22.1-9+deb12u8_mips64el.deb
 14139c81995c337fdf2da4a1e1029dc22ef93637 179316 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 96ee1c31a0d2686f3cd18a201ba65b4b74384410 23148 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 79d338c3313a791ffa9f4cecbcff4c70485242e6 84960 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_mips64el.deb
 55aa5de1803741e58ea03fd93bb98ac506df5cee 137904 libnginx-mod-stream_1.22.1-9+deb12u8_mips64el.deb
 3ae26c219a0fb98cff3411ca98716ca0c72b07f6 1161748 nginx-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 7dd8b4d2565ee0a263f1199b2d14fc0df029852d 81336 nginx-extras_1.22.1-9+deb12u8_mips64el.deb
 cb2738b770c60bc6f689b45defae4d5785038cda 14206 nginx_1.22.1-9+deb12u8_mips64el-buildd.buildinfo
 63aa904e377ee391632285c45e460163d9b77d0f 478204 nginx_1.22.1-9+deb12u8_mips64el.deb
Checksums-Sha256:
 d09b838c33be08d3b19fbf199fd8782e2a75b6dcf4f144bfaa9ac34d8fe443b0 37540 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 1538257ac78b2ac7c7ab5c8ab77bb664d8603aeca6f0db0804a80f630cda288b 85696 libnginx-mod-http-geoip_1.22.1-9+deb12u8_mips64el.deb
 384833fbd7ad3ebacce8a2392933fab94695c8b89b8629195266017295d68242 44612 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 b7199d4bd38d57c324009611999037cedc735c94bd3f4f323322b0c9dd8e618b 88852 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_mips64el.deb
 25c29978c62df8e0f783d94912c61858c2d059cecd76253040f1eea11ec74ef1 101100 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 2117eaaf42fc8c27b30a38e34ce5146c6bb81102a6de27e536d369cb816a3d85 96100 libnginx-mod-http-perl_1.22.1-9+deb12u8_mips64el.deb
 41ba9c1905a8f4134de2746578a7f83d11ec6ff67ce1d9bac809287df5250335 53964 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 d677c1d4f6c712ceb2e47a272c31340cb428cb95a7058a6396c431ddc3edffcc 87472 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_mips64el.deb
 7cc34ea1c785132e5950b6e1754c4d71bca02de9d1890f42c7a20291ac573ae6 109112 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 d6454b38c121a01bfd1c959e679edfea588a510ddf5cd04ffdc00321123306d7 116140 libnginx-mod-mail_1.22.1-9+deb12u8_mips64el.deb
 c4413e0e8a0363caf5c242a51faf347f948f89fd6d1d4cce3feb85b4580d3159 179316 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 cd547b391ae55bb08fe6888dfb9e732d66ee56ebf13b7cda3bb9ad098b1a3116 23148 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 1a0abc19a91635db7bd93c95ea4b37e08115dc0bbe3e3db069b43e1cb3944562 84960 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_mips64el.deb
 12f7b07f466bb52e4706aa489178c531c0dc033359f5a934f68c6e65ad6e29fb 137904 libnginx-mod-stream_1.22.1-9+deb12u8_mips64el.deb
 04d3c11f640b7abbca0812fb1758683c15008625e77b5e11b55fc1cfa0cbeee3 1161748 nginx-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 f0a9c493aecb4deaf2dc476b78f15904239bf8073ffecefc056d3b18bc0668e4 81336 nginx-extras_1.22.1-9+deb12u8_mips64el.deb
 42eb4fce2cbd26270222380933c15e42a2e8b294b085d28b7c324cfe65da002c 14206 nginx_1.22.1-9+deb12u8_mips64el-buildd.buildinfo
 ac2613a45b84c562dfd13ca7246ab0f4b08b31598f676ada07e410a6937895b9 478204 nginx_1.22.1-9+deb12u8_mips64el.deb
Files:
 dd641e359ecf791ce7340c909c5b4595 37540 debug optional libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 a92396d26da49f97265563f10dde61df 85696 httpd optional libnginx-mod-http-geoip_1.22.1-9+deb12u8_mips64el.deb
 a09933429c4a5c39ff056a31a717f760 44612 debug optional libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 279873808624e73969022ab43deae8cc 88852 httpd optional libnginx-mod-http-image-filter_1.22.1-9+deb12u8_mips64el.deb
 0a5c56cf04d017124fcd78dab6ea9b4f 101100 debug optional libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 86e5b1af4604d6fe521328f1ddf88999 96100 httpd optional libnginx-mod-http-perl_1.22.1-9+deb12u8_mips64el.deb
 53c23d0817f99d194db7e754080358e1 53964 debug optional libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 14672187cbd42a03e908f1ae5c31d7e2 87472 httpd optional libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_mips64el.deb
 3db333aabf347ae7e1653f9d0694495d 109112 debug optional libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 97f80b34e1bc4f796f06691ede8691b0 116140 httpd optional libnginx-mod-mail_1.22.1-9+deb12u8_mips64el.deb
 ec985ab8d2cdc5003e6f0e8f03530222 179316 debug optional libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 0b00c49deea6c231b0fe40ff1fcd97ab 23148 debug optional libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 8709ae83092107cd01dcce52efa0c4bb 84960 httpd optional libnginx-mod-stream-geoip_1.22.1-9+deb12u8_mips64el.deb
 c3cb82eef521b4ddca7517939354695b 137904 httpd optional libnginx-mod-stream_1.22.1-9+deb12u8_mips64el.deb
 630cf315a52e687c5198e99304ddacc2 1161748 debug optional nginx-dbgsym_1.22.1-9+deb12u8_mips64el.deb
 626e2b3b62b20fb97f3bcd5ce09a54c7 81336 httpd optional nginx-extras_1.22.1-9+deb12u8_mips64el.deb
 41be425d6adf62ff09642b3d34933e67 14206 httpd optional nginx_1.22.1-9+deb12u8_mips64el-buildd.buildinfo
 fe8cc3ab84955663c8f5db620ab8ac66 478204 httpd optional nginx_1.22.1-9+deb12u8_mips64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEyYUQCyzsgu940OiVpwP2OD8jZaoFAmokM6YACgkQpwP2OD8j
Zaq4FBAAjQJPj6MyU0FBedO45DaOUSgn3XXA+Vh/l7gYiuuCtMnxFo4F0GU2dPZl
x77WJuI9Hv6jGaq20joR1i17B+C1Ol5RMSi+2dmrYyt44u2g/hwdu8M1e/ESu1Hs
LcqHySQGlUDNoZoX7LaKMyGTyjPvi6v1EFE5fPZHPxrZnRjabu6DKSP1+smir1FH
0F31VvnjBnxbZDKT9f12oUa1pra7Y1mTbbOuTsKOBHW+/4i7NyGTi31DzDulY3f3
eEbsK4hjNjoyHkrMgGqrUWnKgh7RBNW5+hyq6mQBniG7gxkDjb13fvdGW31VbGeS
JHrgataVu9B7d+7o5dMWN8aZCygjLsku0La7DagUmYgzqXcb4x74ScCfobsdOoPI
lMIfQmQkmMQe3S2lICwvrAVh2ivP0hdtwyE2IEHHh8rOCJEJ1VOzxHX9RhySrcq0
YhaHnw3zyWBwvrQb4AgYwcx6qfiKneBVcmXj4M8HE1Jiteo+H07ULv/h42at87M4
D90fEtV7FzrCmWUX2Lxf1j2dFcQmOgZ7hsR6/Y22VPAJ09SYCcpWoARIEc93Ju4j
x86XVgsgGaQwA3I3er4aOFW6/LEtoGe19OnHtQjvVufFqRO0W0iPnLFnECBReCnw
QMcCY8aHpec65LYkNAftV9sXfd3FzYHrP/Dp24Oe5I0m/Oan2I4=
=WvLX
-----END PGP SIGNATURE-----