-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 30 Jun 2026 22:05:01 -0300
Source: nginx
Architecture: source
Version: 1.22.1-9+deb12u9
Distribution: bookworm-security
Urgency: medium
Maintainer: Debian Nginx Maintainers <pkg-nginx-maintainers@alioth-lists.debian.net>
Changed-By: Carlos Henrique Lima Melara <charlesmelara@riseup.net>
Closes: 1140359 1140361
Changes:
 nginx (1.22.1-9+deb12u9) bookworm-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * debian/gbp.conf: set debian-branch to debian/bookworm.
   * debian/patches: import upstream patches to fix vulnerabilities.
       - CVE-2026-42055.patch: backport from upstream; (Closes: #1140359)
       - CVE-2026-48142.patch: cherry-pick from upstream. (Closes: #1140361)
   * debian/tests/abicheck: cherry-pick from debain/trixie, remove chown, add
     warn when it fails and remove needs-root restriction.
Checksums-Sha1:
 d3f4e6721c4f3a852fa0a604bc75900dfe87d408 3594 nginx_1.22.1-9+deb12u9.dsc
 45a89797f7c789287c7f663811efbbd19e84f154 1073948 nginx_1.22.1.orig.tar.gz
 7f9c8b261edecb645f4c0a835f7422f2486cee42 86524 nginx_1.22.1-9+deb12u9.debian.tar.xz
 e82648b4b875593d65570b2d01d50baed342e986 6049 nginx_1.22.1-9+deb12u9_source.buildinfo
Checksums-Sha256:
 28baa4abda06503ae8ecde6e9f049905de7c172d6ec767636628bfcd87499cf4 3594 nginx_1.22.1-9+deb12u9.dsc
 9ebb333a9e82b952acd3e2b4aeb1d4ff6406f72491bab6cd9fe69f0dea737f31 1073948 nginx_1.22.1.orig.tar.gz
 3aebca44037e31b4148cec5a10dc673fdac176411aaa65a0094135895d154223 86524 nginx_1.22.1-9+deb12u9.debian.tar.xz
 7552e7d6aa39cdd6d5d4dfec8533d3670a50330ec1b6a18f23b26e7ee41915cf 6049 nginx_1.22.1-9+deb12u9_source.buildinfo
Files:
 ef6570185853d8af66df580ff40760d5 3594 httpd optional nginx_1.22.1-9+deb12u9.dsc
 8296d957561aeed0261d9be4d3decaec 1073948 httpd optional nginx_1.22.1.orig.tar.gz
 4b5846cc93e3081f11259b9dfa3aa12e 86524 httpd optional nginx_1.22.1-9+deb12u9.debian.tar.xz
 7f5d9ff00943baf3ad0e17930d7ec008 6049 httpd optional nginx_1.22.1-9+deb12u9_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJNBAEBCgA3FiEECgzx8d8+AINglLHJt4M9ggJ8mQsFAmpH5z4ZHGNoYXJsZXNt
ZWxhcmFAcmlzZXVwLm5ldAAKCRC3gz2CAnyZC61iD/kB74h3E0bZ35vjjuLI5LmI
/FYTJlAJoRaUBvHi7tPKWLIm82/pGX6nB4wJ6/vUgiByCtYIHCLsch1cjLl05nt2
F0Ye2RCGng5DqoFTkGcWhKFHvrstZ4it+Rxb8vAOPYtxw4luLhUqW6VEMuzdicS0
+7lVDCRbE+wF6P5xAup7NO6wNlkJkTwOaTZHmF/wPzmuYj8oTsBACr2be1RdMMVo
PIGqXuj31qMLviEn0dnmnlgYng7W9UHEI6KaJfHepr+UAjpIwEhg7qxAT7lqqJCo
hOMrEudmoLUcUHj8/HtMZHYHWoP5HNVQj4RqmXf6a/X8hIjRcv44qYh1cqEaSysJ
6+gDJW19l8W45t8RJGv+7d93dp/wFvPpw+rEQsTx+YORntTMrmTj5VXBiyZe84wq
HxiTUyWi+ZP1t549MENZfuvAvwmvDGshkFu5e6QM7KGFiifXZf7SKRr0+GBdMWTO
PaFAUmOIdVd/mhrFEXzA8xL/HLaiOwwRRTbKJHiklnq03K+z+2kj2FtAYr+1fg8N
SCBc5L6STPLh9D1Ro9ByW7Eq+3r+Hlh2PLxZ8D+uS1+YVBnkvdFb1Z+lbv85fjsV
W0oPEmBft70zJDm5UkSkOcRclNX3nDx+VUUSMjow97mQfsCk44Z/mjqErHxdoEek
UeFMtuJq+99V8Y+bPu6pVQ==
=dPEl
-----END PGP SIGNATURE-----
