package/nginx: security update to 1.26.3

See here for a changelog: http://nginx.org/en/CHANGES-1.26 Fixes the following security issue: CVE-2025-23419: Security: insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a different virtual server, to bypass client SSL certificates verification https://www.cve.org/CVERecord?id=CVE-2025-23419 Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit a7a18c2ef8d654a34d31eb5cc146acdcc4b2029f) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2025-02-12 16:48:53 +01:00 · 2025-02-12 16:48:53 +01:00 · be2424f55c
commit be2424f55c
parent aa5e307217
2 changed files with 2 additions and 2 deletions
--- a/package/nginx/nginx.hash
+++ b/package/nginx/nginx.hash
@ -1,4 +1,4 @@
 # Locally calculated after checking pgp signature
-sha256  627fe086209bba80a2853a0add9d958d7ebbdffa1a8467a5784c9a6b4f03d738  nginx-1.26.2.tar.gz
+sha256  69ee2b237744036e61d24b836668aad3040dda461fe6f570f1787eab570c75aa  nginx-1.26.3.tar.gz
 # License files, locally calculated
 sha256  f19c4caea60247490199c5a6d0134281e3fb20b3d7577e6873c628597f5381d9  LICENSE
--- a/package/nginx/nginx.mk
+++ b/package/nginx/nginx.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-NGINX_VERSION = 1.26.2
+NGINX_VERSION = 1.26.3
 NGINX_SITE = https://nginx.org/download
 NGINX_LICENSE = BSD-2-Clause
 NGINX_LICENSE_FILES = LICENSE