-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:23:48 +0000
Source: nginx
Binary: libnginx-mod-http-geoip libnginx-mod-http-geoip-dbgsym libnginx-mod-http-image-filter libnginx-mod-http-image-filter-dbgsym libnginx-mod-http-perl libnginx-mod-http-perl-dbgsym libnginx-mod-http-xslt-filter libnginx-mod-http-xslt-filter-dbgsym libnginx-mod-mail libnginx-mod-mail-dbgsym libnginx-mod-stream libnginx-mod-stream-dbgsym libnginx-mod-stream-geoip libnginx-mod-stream-geoip-dbgsym nginx nginx-dbgsym nginx-extras
Architecture: ppc64el
Version: 1.22.1-9+deb12u8
Distribution: bookworm-security
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) <buildd_ppc64el-ppc64el-osuosl-02@buildd.debian.org>
Changed-By: Jan Mojžíš <janmojzis@debian.org>
Description:
 libnginx-mod-http-geoip - GeoIP HTTP module for Nginx
 libnginx-mod-http-image-filter - HTTP image filter module for Nginx
 libnginx-mod-http-perl - Perl module for Nginx
 libnginx-mod-http-xslt-filter - XSLT Transformation module for Nginx
 libnginx-mod-mail - Mail module for Nginx
 libnginx-mod-stream - Stream module for Nginx
 libnginx-mod-stream-geoip - GeoIP Stream module for Nginx
 nginx      - small, powerful, scalable web/proxy server
 nginx-extras - nginx web/proxy server (extended version)
Changes:
 nginx (1.22.1-9+deb12u8) bookworm-security; urgency=medium
 .
   * Apply both patches to fix CVE-2026-42946. In the previous version,
     only one part of the patch was applied, so the fix was incomplete.
     This really fixes CVE-2026-42946, thanks to charles@debian.org for
     pointing it out.
     * d/p/CVE-2026-42946.patch rename to d/p/CVE-2026-42946.2.patch
     * d/p/CVE-2026-42946.1.patch add
   * backport fix for buffer overflow vulnerability in the
     ngx_http_rewrite_module (CVE-2026-9256) from upstream 1.30.2 nginx.
     * d/p/CVE-2026-9256.patch add
   * backport max_headers directive from upstream nginx. It limits the number
     of request headers accepted from clients. Fixes remote denial-of-service
     exploit.
     And move max_headers from core module to the ngx_http_header_count_module
     to avoid potential ABI breakage and keep all the 3rd party modules
     compatible with the new version of nginx without recompilation.
     A big thanks to Miao Wang for preparing the modification.
     Fixes TEMP-1138794-BADE22.
     * d/p/FIX-HTTP2bomb.patch add
Checksums-Sha1:
 02d3be6818db76f8f845b38cc68171f8b7970e44 37176 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 e32ff4a558c58785147dc7489f0dfc93b2d81062 86484 libnginx-mod-http-geoip_1.22.1-9+deb12u8_ppc64el.deb
 0fc2a9e19610c387da988104168c6af0744a4092 44424 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 8fdfa4bacd1dd28f2e677fb6961d481a7112c639 90320 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_ppc64el.deb
 84091c91f6838a16668755aa933543b8c2babe9f 100516 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 72d2dbb551f9a8e793e605058e940b043c4209a9 98812 libnginx-mod-http-perl_1.22.1-9+deb12u8_ppc64el.deb
 9bb5b0821218b31251f9a694ec5f2e3d6a1a18bf 53776 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 8266d25309cfce697d05f2db76314687fd3daae7 89080 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_ppc64el.deb
 95aabe9485277f455ead07787068e3d0f51cbd82 109028 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 213dca7189fa26a7ebddec7ae2bb01a4a3e90d8b 123968 libnginx-mod-mail_1.22.1-9+deb12u8_ppc64el.deb
 1a407b3ae4d272b0d3a0202c5e2cc7ee6b20eb8f 178856 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 4775c13bc6e596fb58e9176efffaf8f7bc709c62 22760 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 79e6869848ffbf453367c45fd65159dfc2cad611 85616 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_ppc64el.deb
 7a7d72fbd7b4c665d2783f4eadadabc8415b0689 153740 libnginx-mod-stream_1.22.1-9+deb12u8_ppc64el.deb
 9a5745bd7643d4ae245fcac12cfe6e4c92d1710b 1158360 nginx-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 9eeed4432fabc573b37c64d6002a8f28bcbd89de 81324 nginx-extras_1.22.1-9+deb12u8_ppc64el.deb
 0a753e3df1f73681a6b9f562946e66919e53aa1e 14369 nginx_1.22.1-9+deb12u8_ppc64el-buildd.buildinfo
 7136f6137dc5e945dc5c88c7457f303e2379be11 571864 nginx_1.22.1-9+deb12u8_ppc64el.deb
Checksums-Sha256:
 c35358ae07e0fd469b0cf8225434f64b3e72160cd7c6dcec67bd8bfdbb6d7804 37176 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 6978880b849650c1c1f8621227df78018631c9354c53b1205c95a06b1d5c847a 86484 libnginx-mod-http-geoip_1.22.1-9+deb12u8_ppc64el.deb
 c663cfa269a116301d29a39a19512fe61ce7bbf7ac2d0d3a39998dda4407a0b3 44424 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 222bdc5b0f3f47130910e26e8a900778aabca31e63ff003c23fbcab507cd5299 90320 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_ppc64el.deb
 8626fe4f4e16e693b12395a2e1005129a3906c5e1664dab6b0f35f095fa1f537 100516 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 e0079920163fceac46b39ef8782e82feb6e24a8f6c5ec3e6db450f311e86ea28 98812 libnginx-mod-http-perl_1.22.1-9+deb12u8_ppc64el.deb
 93637a806320b5161aef1adba25b898288f6f46d72a55aebc7972ab609911b1c 53776 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 567407b5c217182483103a4df4d53e87e4e2dc1a5f6f1ae4cd24382fdb61b68f 89080 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_ppc64el.deb
 37b3eb048a71d349df82c6ad97297ceb84f48fd6d71532835146a53d4af5ae32 109028 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 cc9fd45811fab1dccbd4d231080df35f7a34c0a7ea50a8c1a9eebeacde6e846f 123968 libnginx-mod-mail_1.22.1-9+deb12u8_ppc64el.deb
 85c2fb9892efe3c0e6a4b978b64fe6fc305dbcdd5677973c20b46f5b3af2f3db 178856 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 5536b42bbb406d87245c004401aa519c8d3ddf892bcc24643931eaacb8b7e94e 22760 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 726492d8636f19215131024f28af0a9e6f0e3880f31773789043b0d45201c4d7 85616 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_ppc64el.deb
 364bf85c62885ae3231cfe9e4cc21f1dbb37f0b9e987346f73d3f6e933c2bd6f 153740 libnginx-mod-stream_1.22.1-9+deb12u8_ppc64el.deb
 5121a656419f490e9c81c3659683edfc8aee7ebeb8bebed359b74987f5c4f487 1158360 nginx-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 3f23f24429ef2927b414e055313571d9dd5b215fb8a6ac949abb32d747e9957f 81324 nginx-extras_1.22.1-9+deb12u8_ppc64el.deb
 4be0d64adc177ba65856cff820a364593d56aab03c25e932880cece8f1d2a4be 14369 nginx_1.22.1-9+deb12u8_ppc64el-buildd.buildinfo
 24437eb7d083a4e451ee538ec231a00f3a271c0be75e8117e42562b929d9513d 571864 nginx_1.22.1-9+deb12u8_ppc64el.deb
Files:
 7cb1dae52758db99822c8d058567c5a9 37176 debug optional libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 36b60c9f84448e401ea53934702b43be 86484 httpd optional libnginx-mod-http-geoip_1.22.1-9+deb12u8_ppc64el.deb
 11c6148e95ca01ee83b2521a9db37657 44424 debug optional libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 fae7ef1ca410035442cb801b70246944 90320 httpd optional libnginx-mod-http-image-filter_1.22.1-9+deb12u8_ppc64el.deb
 3d56eb88df084a810c74c2912d3eb724 100516 debug optional libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 50145fde01fbfca385f01c74b79ac44f 98812 httpd optional libnginx-mod-http-perl_1.22.1-9+deb12u8_ppc64el.deb
 4cf0359cfe39fa97bdcff7a5ee13160d 53776 debug optional libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 929acbe985cb20776c33c1a899162302 89080 httpd optional libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_ppc64el.deb
 04034082186149a074da08dd74830b32 109028 debug optional libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 0abba1609ac533e8274ae918c28f665f 123968 httpd optional libnginx-mod-mail_1.22.1-9+deb12u8_ppc64el.deb
 4833ebfa912b92395725727ebf27b697 178856 debug optional libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 bcc8d3996e5d801ff39a3bf42b599e05 22760 debug optional libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 9c670efc989dceb975b70304e4e17c7c 85616 httpd optional libnginx-mod-stream-geoip_1.22.1-9+deb12u8_ppc64el.deb
 ebd2fdd8e342611cb3300ebc09d0e91b 153740 httpd optional libnginx-mod-stream_1.22.1-9+deb12u8_ppc64el.deb
 8be9e021583bd8a290870cabcedcf391 1158360 debug optional nginx-dbgsym_1.22.1-9+deb12u8_ppc64el.deb
 9bfb3124af017f9b4928018264daf14d 81324 httpd optional nginx-extras_1.22.1-9+deb12u8_ppc64el.deb
 702d3e752037d5e04e7469a6050b2511 14369 httpd optional nginx_1.22.1-9+deb12u8_ppc64el-buildd.buildinfo
 33baa12100686a1fad8cd0300056a763 571864 httpd optional nginx_1.22.1-9+deb12u8_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE9ibmwdV9gdKNbK7oV8ucRsMTpuMFAmokMzcACgkQV8ucRsMT
puM0HQ/+L5ZCT2LzSwkav/dl3aqwfl1Fd4NmU+wGW5/VM5zb79eZS56XElhPYxtP
5Bb1lTNw6QgCqmb+kcKbCi2LosBwbgrDSf3fX/E2yg+mW9/RA/hR+hZruZcvASOz
pF55JGXvuW11Xx+e4jaeJASZNXQMyjt76bINptGgwUREye5HZuAxJms/UMQQo4Kt
VrC7JlTGKkGg1qr1+4Mc8rKQpFfEFknxWpjRVFtA5quhJ0xtCZoJSkVNuM2EPEGZ
i/32jySUwrN8TQUEJen39wUnpbonbTH1hhIgVOx5jgVAyfVyyZX2BZfFY0s9VYxu
YaA8x2Jm8Vi9lU1iB+2iVxrOGk971s7ionHEW00xCZQHEj8k6p0O5iTapMtalHD7
IYxzk6sPJseLB0H/bEMdbRrg3ZvQdDMrBBmYudAjBORrkuOTJa1WSvIQ1CDn3Qjg
+DWU+KMeD89AdcH3tHE8Lq4tl4pPvUPSFCNiTaMexqEMzn2AhWWj/uK24OrieMwp
mHlaKzkiAFV72FlxW8NL359B1Qi5Zlw5QZZgzpEB2HKA6EiDTMtHxa4n7Rh/d7Je
1bBABZgcfGFi79hPLYRwe/ZKUdfQSw0aKrOVQPcngBFucubn768Z67u9ceeqYXT0
ENzVBtvT/sX4cIpZeLixZFXYtGZmebU30WW3dVJ/5VjCLVACaPI=
=aJr4
-----END PGP SIGNATURE-----