Gnoppix Security Announcement - 2026-06-30T20:00:25.821-04:00

GSA-6374-1: Nginx Security Update (Critical)

Gnoppix Security released a critical update for nginx, fixing an integer overflow in string API functions. This vulnerability could allow a remote attacker to cause a denial of service via crafted input.

Gnoppix 23/25 and Gnoppix 25 users must upgrade nginx immediately.

What the vulnerability does

The flaw exists in memory handling. A crafted string triggers an overflow, crashing the service.

Who is affected

All systems running nginx on Gnoppix 23/25 and Gnoppix 25.

How to fix

Update packages via the standard package manager. Restart nginx after the update.

Critical warning: Delaying this update exposes services to remote crash risk. - Please update your systems.