<![CDATA[iRedMail — About nginx CVE...]]> https://forum.iredmail.org/topic21146-about-nginx-cve.html Fri, 15 May 2026 09:07:48 +0000 PunBB <![CDATA[Re: About nginx CVE...]]> https://forum.iredmail.org/post91963.html#p91963 Please either change those unnamed captures by named captures, or wait for patched version from Linux vendors.

Ubuntu already provides patched Nginx in official apt repository, run "apt update && apt upgrade" to get it fixed.

- Ubuntu 22.04 (jammy): https://changelogs.ubuntu.com/changelog … /changelog
- Ubuntu 24.04 (noble): https://changelogs.ubuntu.com/changelog … /changelog
- Ubuntu 26.04 (resolute): https://changelogs.ubuntu.com/changelog … /changelog

Debian doesn't provide patched version yet: https://metadata.ftp-master.debian.org/ … _changelog

RedHat doesn't fix it yet: https://access.redhat.com/security/cve/cve-2026-42945

]]> Fri, 15 May 2026 09:07:48 +0000 https://forum.iredmail.org/post91963.html#p91963 <![CDATA[About nginx CVE...]]> https://forum.iredmail.org/post91962.html#p91962 ==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Manage mail accounts with iRedAdmin-Pro?
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

F5 K000161019

Separately I added acl for iredadmin...is it sufficient?

]]> Fri, 15 May 2026 08:53:03 +0000 https://forum.iredmail.org/post91962.html#p91962