-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 12:23:48 +0000
Source: nginx
Binary: libnginx-mod-http-geoip libnginx-mod-http-geoip-dbgsym libnginx-mod-http-image-filter libnginx-mod-http-image-filter-dbgsym libnginx-mod-http-perl libnginx-mod-http-perl-dbgsym libnginx-mod-http-xslt-filter libnginx-mod-http-xslt-filter-dbgsym libnginx-mod-mail libnginx-mod-mail-dbgsym libnginx-mod-stream libnginx-mod-stream-dbgsym libnginx-mod-stream-geoip libnginx-mod-stream-geoip-dbgsym nginx nginx-dbgsym nginx-extras
Architecture: s390x
Version: 1.22.1-9+deb12u8
Distribution: bookworm-security
Urgency: medium
Maintainer: s390x Build Daemon (zani) <buildd_s390x-zani@buildd.debian.org>
Changed-By: Jan Mojžíš <janmojzis@debian.org>
Description:
 libnginx-mod-http-geoip - GeoIP HTTP module for Nginx
 libnginx-mod-http-image-filter - HTTP image filter module for Nginx
 libnginx-mod-http-perl - Perl module for Nginx
 libnginx-mod-http-xslt-filter - XSLT Transformation module for Nginx
 libnginx-mod-mail - Mail module for Nginx
 libnginx-mod-stream - Stream module for Nginx
 libnginx-mod-stream-geoip - GeoIP Stream module for Nginx
 nginx      - small, powerful, scalable web/proxy server
 nginx-extras - nginx web/proxy server (extended version)
Changes:
 nginx (1.22.1-9+deb12u8) bookworm-security; urgency=medium
 .
   * Apply both patches to fix CVE-2026-42946. In the previous version,
     only one part of the patch was applied, so the fix was incomplete.
     This really fixes CVE-2026-42946, thanks to charles@debian.org for
     pointing it out.
     * d/p/CVE-2026-42946.patch rename to d/p/CVE-2026-42946.2.patch
     * d/p/CVE-2026-42946.1.patch add
   * backport fix for buffer overflow vulnerability in the
     ngx_http_rewrite_module (CVE-2026-9256) from upstream 1.30.2 nginx.
     * d/p/CVE-2026-9256.patch add
   * backport max_headers directive from upstream nginx. It limits the number
     of request headers accepted from clients. Fixes remote denial-of-service
     exploit.
     And move max_headers from core module to the ngx_http_header_count_module
     to avoid potential ABI breakage and keep all the 3rd party modules
     compatible with the new version of nginx without recompilation.
     A big thanks to Miao Wang for preparing the modification.
     Fixes TEMP-1138794-BADE22.
     * d/p/FIX-HTTP2bomb.patch add
Checksums-Sha1:
 346aef0cf29c59c20f8821642ef919411984cb18 36144 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_s390x.deb
 fbf83096d78f731f4b643c4f5f3fdd02ed0a636a 85544 libnginx-mod-http-geoip_1.22.1-9+deb12u8_s390x.deb
 43fce42476ae5e4961bebbabaf2696da6f3a3d25 43592 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_s390x.deb
 63ae622d75da65ce52107b23fb5f74f94401cd99 88860 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_s390x.deb
 3788ea79c719ecfadc4e336ae8bdf2bcae8c3be1 99492 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_s390x.deb
 2a3140850c774300697cb7524cb4efb63aaef439 96588 libnginx-mod-http-perl_1.22.1-9+deb12u8_s390x.deb
 fe5ba5d18cfb164e1410515e7b3afb5463aef471 52988 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_s390x.deb
 209fb757bf4f96ea9b3bdfd992005cd12fa7106e 87412 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_s390x.deb
 06b91912d7579e9bb9d3d9e7f63b50cb69eedd84 103524 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_s390x.deb
 c479302d149ca65db18dfb30126a30c4c09c24e3 116056 libnginx-mod-mail_1.22.1-9+deb12u8_s390x.deb
 d9a28081b04e155697c2681155ece3136769bb76 170184 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_s390x.deb
 d3081527e34b026a217edabd9cffeee86b9df08e 21648 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_s390x.deb
 ec45f1787545967a1ab01ee1f786934f585e1662 84772 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_s390x.deb
 0828dfaa85da5944c4f1cfc9bf9bf084112c0f24 138896 libnginx-mod-stream_1.22.1-9+deb12u8_s390x.deb
 e398a541f2885b240d7e971d3fdae924cdbaa25e 1097344 nginx-dbgsym_1.22.1-9+deb12u8_s390x.deb
 8b41cc96b8053697bf450aa4199866062942011e 81336 nginx-extras_1.22.1-9+deb12u8_s390x.deb
 fca625c9cc8caa65c595ca3645367672d9535ffb 14072 nginx_1.22.1-9+deb12u8_s390x-buildd.buildinfo
 4846d46078ea1d4de95c503849039006d4414282 483560 nginx_1.22.1-9+deb12u8_s390x.deb
Checksums-Sha256:
 0ea96bb9b7f189f51892086d133482f00ec326a89e805785bc55ec8b643d2318 36144 libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_s390x.deb
 645341b7595b244e8194279357ab0141d131a685ae208796c3f97db8f6608ebd 85544 libnginx-mod-http-geoip_1.22.1-9+deb12u8_s390x.deb
 047901e9b8c23518ebd4248380db51d519e999dacd040884764f0d1299105057 43592 libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_s390x.deb
 bb0bb0972e8328d8dc341827a406ecf089f5317ae6475d59162b11e331569727 88860 libnginx-mod-http-image-filter_1.22.1-9+deb12u8_s390x.deb
 f1da9393da992b1990317b01c36e0ef7433b3aa57e47845a30cf9a5088a3aa75 99492 libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_s390x.deb
 8efd91cc2fa917c698d729931567135af689cf9c45fca4c7e20710d19791ff75 96588 libnginx-mod-http-perl_1.22.1-9+deb12u8_s390x.deb
 e3518f2167b3a6c83740101f0d1f3a5ac0cbd5bd7f7a88ab393a3190a34217c0 52988 libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_s390x.deb
 18b2d93ecf32a8baa8b2ca60db0da3b92c4f19d869456b99587606dc13cf8ec6 87412 libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_s390x.deb
 3a5f6e32a467570c64f6f44924f627a257d93d01307cb6a94196f71f9dd86abc 103524 libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_s390x.deb
 bf43ec28a77a942158047a6bcdb0c8acef6b27a78d2df0a9bbfd5ff806dfb491 116056 libnginx-mod-mail_1.22.1-9+deb12u8_s390x.deb
 0960154e0be6b9958a193d64d37228e42fe095f93bf4bd235e7ac751676ab3f2 170184 libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_s390x.deb
 ee9772fce844fa8badc5e8077bdaab245ba64a98da18970aceb3b0f3f904d8c8 21648 libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_s390x.deb
 eecd914f7d5b537adafc1e489724a933798ba04cb0f2dcac3bcd53fcb02cbaae 84772 libnginx-mod-stream-geoip_1.22.1-9+deb12u8_s390x.deb
 6a0e19e7710d67aaab4034c44e3fc904bfd33f3bee2a33b4623ebb0b22ba3849 138896 libnginx-mod-stream_1.22.1-9+deb12u8_s390x.deb
 30e4fd9d93b96a54e2740eae786e83e28c79097e57076bf00c32c101ee462126 1097344 nginx-dbgsym_1.22.1-9+deb12u8_s390x.deb
 467219bfb408888845d644bc2a96b59de09504ca8a46e29c0750b6d68ca9099e 81336 nginx-extras_1.22.1-9+deb12u8_s390x.deb
 07a704b1ce0e1d99b94d9367a8e46f350f4f08e6ad9ed7a9cd19526f6028450d 14072 nginx_1.22.1-9+deb12u8_s390x-buildd.buildinfo
 b340b3ee746ce4fc35107e6e4a16b77de2fa61488e45c44b68aa7032c6a0479e 483560 nginx_1.22.1-9+deb12u8_s390x.deb
Files:
 c7ef460d46be82031f49955ba72b2f8c 36144 debug optional libnginx-mod-http-geoip-dbgsym_1.22.1-9+deb12u8_s390x.deb
 a658124bd5d1cfd3199eb73b532bf6d0 85544 httpd optional libnginx-mod-http-geoip_1.22.1-9+deb12u8_s390x.deb
 b390d1b6a13e41661995e5e00cd69aaa 43592 debug optional libnginx-mod-http-image-filter-dbgsym_1.22.1-9+deb12u8_s390x.deb
 1f97d9c2234ace0022681c1dbbef7a61 88860 httpd optional libnginx-mod-http-image-filter_1.22.1-9+deb12u8_s390x.deb
 4fa6b69e8f7352705f050a675c8b04ab 99492 debug optional libnginx-mod-http-perl-dbgsym_1.22.1-9+deb12u8_s390x.deb
 b45385050a8c6068bdd623d4b529ad8d 96588 httpd optional libnginx-mod-http-perl_1.22.1-9+deb12u8_s390x.deb
 4ee0e09ed184a702323828e313ef7e90 52988 debug optional libnginx-mod-http-xslt-filter-dbgsym_1.22.1-9+deb12u8_s390x.deb
 0cf0b2044dab0f5cd9026a86a685b472 87412 httpd optional libnginx-mod-http-xslt-filter_1.22.1-9+deb12u8_s390x.deb
 485225a66b64d78905e5a0b25da8db7e 103524 debug optional libnginx-mod-mail-dbgsym_1.22.1-9+deb12u8_s390x.deb
 f030b2a14c3a4fcb2f4e297af8794a53 116056 httpd optional libnginx-mod-mail_1.22.1-9+deb12u8_s390x.deb
 1d4b51c98a7f173f8edfc6973751e61d 170184 debug optional libnginx-mod-stream-dbgsym_1.22.1-9+deb12u8_s390x.deb
 b467fe8693c36506723dffb42a49acad 21648 debug optional libnginx-mod-stream-geoip-dbgsym_1.22.1-9+deb12u8_s390x.deb
 c86d4107398e852d63c14fd4b9c9cb0f 84772 httpd optional libnginx-mod-stream-geoip_1.22.1-9+deb12u8_s390x.deb
 ff29628321fd40dfd637d0704381f8f4 138896 httpd optional libnginx-mod-stream_1.22.1-9+deb12u8_s390x.deb
 322a6295adc2369644370994c3a1b1ad 1097344 debug optional nginx-dbgsym_1.22.1-9+deb12u8_s390x.deb
 2c61f2d8aa3f7e06c26db95ce2c068c4 81336 httpd optional nginx-extras_1.22.1-9+deb12u8_s390x.deb
 1afea1281e733372fc161c6ead2da647 14072 httpd optional nginx_1.22.1-9+deb12u8_s390x-buildd.buildinfo
 0298e42007ca891ec25e18cb98dcd0e5 483560 httpd optional nginx_1.22.1-9+deb12u8_s390x.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgh4msZ+e2PZfd5KckaCrxAR3BY0FAmokMwgACgkQkaCrxAR3
BY1k1w/+LH20yPmSVQsm+rehC6CsCkceIpm9zaf57aFnBNBvkvfBJC9nCUsSarDy
TpVo+RAx832f62wkX2voN92DQU6k/DY884Nf8Ye9xsX9noldrGWanhQDWrqEo5ET
/15H29XqpUbiagi07ErNaB/z0Y4DKPFVVFm83heXmfvv8dccy0Glya7jZduG5iz0
E+9xJoVeZCWyvRl0wFkfk1eZbFaB2oD8+z2njBYXxzq3CnoxcP7dlj6PF6nVsAcr
tTgqRFnxB/HhMtlqq7kEqst/aZRNJBuRnGnpwCybxfYpszLQWDZFlUPYPBfEjtdr
jSDydG+iLYTm5FSO2v1EHVMbW/6xYP5rYxKbQzlEcWsXlBFxZU3dU2+KT1lId7O8
6OvpNIbUkYxCex4gyLkDhuBc23viz6SAQ1F9URFcMXY1elnf1OotSPwX/NdpQ/7d
s8FiJLDe44dPXuoYnWuIBeKfwr8z/UI+Q4CIr/31HqbGMuaIDlwKSi6NQDrSxG8K
xf6vqPdVTn24dQ72JMMLVrqHBbZJi5zv5inNXBRlTR7FrDMdaT1Yx6M534sEtuH4
3t1tQtB6BVFgG0pTan8yG1isrU+L5tn5yAteS9SDal4OT9n+IkNisuJGrfuGwfp8
ZiE9les7zG12eAlDyyJ6yAILj5t1huSu5SY/8ZQD7brTLl5Hr3A=
=hLdr
-----END PGP SIGNATURE-----