release-1.28.3
📦 nginxView on GitHub →
🐛 4 fixes🔧 2 symbols
Summary
Nginx 1.28.3 stable version has been released, primarily containing several critical security fixes addressing buffer overflows and authentication vulnerabilities.
🐛 Bug Fixes
- Security fix for buffer overflow vulnerability in the ngx_http_dav_module (CVE-2026-27654).
- Security fixes for buffer overflow vulnerabilities in the ngx_http_mp4_module (CVE-2026-27784, CVE-2026-32647).
- Security fixes for mail session authentication vulnerabilities (CVE-2026-27651, CVE-2026-28753).
- Security fix for the OCSP result bypass vulnerability in stream (CVE-2026-28755).