[CLSA-2026:1781087099] Fix of 5 CVEs

Type:

security

Severity:

Important

Release date:

2026-06-10 10:25:40 UTC

Description:

   * SECURITY UPDATE: detect premature plain text response from SSL upstream (TLS plaintext injection)
     - debian/patches/CVE-2026-1642.patch: detect premature plain text response from SSL upstream (TLS plaintext injection)
     - CVE-2026-1642
   * SECURITY UPDATE: fix NULL pointer dereference clearing s->passwd in mail auth http requests
     - debian/patches/CVE-2026-27651.patch: fix NULL pointer dereference clearing s->passwd in mail auth http requests
     - CVE-2026-27651
   * SECURITY UPDATE: destination length validation for WebDAV COPY and MOVE (heap buffer overflow)
     - debian/patches/CVE-2026-27654.patch: destination length validation for WebDAV COPY and MOVE (heap buffer overflow)
     - CVE-2026-27654
   * SECURITY UPDATE: fix integer overflow on 32-bit platforms in ngx_http_mp4_module
     - debian/patches/CVE-2026-27784.patch: fix integer overflow on 32-bit platforms in ngx_http_mp4_module
     - CVE-2026-27784
   * SECURITY UPDATE: avoid zero size buffers in ngx_http_mp4_module output (out-of-bounds access)
     - debian/patches/CVE-2026-32647.patch: avoid zero size buffers in ngx_http_mp4_module output (out-of-bounds access)
     - CVE-2026-32647

CVEs fixed:

Updated packages:

libnginx-mod-http-auth-pam_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:511e1ccd0d4ec3a54e7da910eb51b9cb5b5ebe89
libnginx-mod-http-cache-purge_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:745dc54cea1fead98ec3e8c01b5f635099fa39cc
libnginx-mod-http-dav-ext_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:66725fec284e61b934e2a94f95610de2074a9eaf
libnginx-mod-http-echo_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:3e19fd42a236cba931d6e32eabdfc38b0ff4451e
libnginx-mod-http-fancyindex_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:0a928e39820195260f74a26c9662d87ec74c15a7
libnginx-mod-http-geoip_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:f3310df2f6d67cd9c3ba1e7c04cb24b40043a1ed
libnginx-mod-http-headers-more-filter_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:b55f5c69352615a74a3b2b520a1601abdcd8bb24
libnginx-mod-http-image-filter_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:701fb3ecf1713048f977c3a436c6d18996a9fd3e
libnginx-mod-http-lua_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:c69f0baddf8c13595dac6aa0acd558bc92878c28
libnginx-mod-http-ndk_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:518c037e89d55f2e901fdeec3dc4783f2b6251d0
libnginx-mod-http-perl_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:ba8a385cff7abc05abd77914900339b67eae3989
libnginx-mod-http-subs-filter_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:8d63d10835b404e48a85d23382e06e05fb7bb8d0
libnginx-mod-http-uploadprogress_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:02bc60a7ba8397fb54bcd6214c47fac1bd1d5799
libnginx-mod-http-upstream-fair_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:6b23ebf7d2a4f52029b7ead1405379d4f59158aa
libnginx-mod-http-xslt-filter_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:268e8c2635b5b51bd3ca9be8aa643b895fcb5fb0
libnginx-mod-mail_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:98b904fa19356f351745318adbe4a47838f08e39
libnginx-mod-nchan_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:0244ea61b4ce3a868df32bb5fd9a686f37f3352b
libnginx-mod-rtmp_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:9109a4b1fabb898ef7ce5f073e518fddbaf30ecb
libnginx-mod-stream_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:55366828bb665597532d0c6d4b9b7a8f0e280b49
nginx_1.14.0-0ubuntu1.11+tuxcare.els5_all.deb
sha:73f7f91f886073f4d0ffa8f21a5f19719c05a1c5
nginx-common_1.14.0-0ubuntu1.11+tuxcare.els5_all.deb
sha:51124a1914a23a5fb1e9150563c212fa1e2086a9
nginx-core_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:df66c7130b50273a6c0c5d8fb77a1161cd3f7edf
nginx-doc_1.14.0-0ubuntu1.11+tuxcare.els5_all.deb
sha:9aa5ae880a1c9ec81eb7cbcf0643d389175feb49
nginx-extras_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:c6f0fcaba40369f318b618c6a59f8a3d8be78460
nginx-full_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:ebb6e071130eb57a21e10c49631efb9f2305071f
nginx-light_1.14.0-0ubuntu1.11+tuxcare.els5_amd64.deb
sha:c3e3e18ec7740f3deadb096d667376870690b0e7

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.