UbuntuUpdates.org

Package "nginx"

Name: nginx

Description:

small, powerful, scalable web/proxy server
Latest version: 1.26.0-2ubuntu3.3
Release: oracular (24.10)
Level: updates
Repository: main
Homepage: https://nginx.org

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "nginx"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "nginx" in Oracular

Repository Area Version
base universe 1.26.0-2ubuntu3
base main 1.26.0-2ubuntu3
security main 1.26.0-2ubuntu3.2
security universe 1.26.0-2ubuntu3.2
updates universe 1.26.0-2ubuntu3.3
proposed main 1.26.0-2ubuntu3.3
proposed universe 1.26.0-2ubuntu3.3
PPA: Nginx from nginx.org 1.28.0-1~oracular

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.26.0-2ubuntu3.3 2025-06-25 16:07:02 UTC

  nginx (1.26.0-2ubuntu3.3) oracular; urgency=medium

    [ Thomas Ward ]
    * d/nginx-common.nginx.service: Add ConditionFileIsExecutable to
      SystemD service file, prevents starting of service if nginx is
      not installed (which can happen if nginx-common is installed
      independently from `nginx` itself (LP: #2081308)

 -- Matthew Ruffell <email address hidden> Tue, 27 May 2025 15:24:39 +1200
Source diff to previous version
2081308 Resolve circular dependency loop between nginx and nginx-common

Version: 1.26.0-2ubuntu3.2 2025-02-24 17:07:06 UTC

  nginx (1.26.0-2ubuntu3.2) oracular-security; urgency=medium

  * SECURITY UPDATE: Session resumption
    - debian/patches/CVE-2025-23419.patch: added restriction for TLSv1.3
      cross-SNI session resumption in files src/http/ngx_http_request.c,
      src/stream/ngx_stream_ssl_module.c.
    - CVE-2025-23419

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 17 Feb 2025 12:04:52 -0300
CVE-2025-23419 When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate


About   -   Send Feedback to @ubuntu_updates