This release includes 1 security fix for security teams reviewing exposed deployments.
Topics
+9 more
Affected surfaces
ReleasePort's take
Light signalReleasePort Layer 1 release‑1.30.2 fixes a buffer overflow vulnerability in ngx_http_rewrite_module.
Why it matters: CVE‑2026‑9256 (severity not specified) affects ngx_http_rewrite_module; upgrade to release‑1.30.2 immediately if this module is used.
Summary
AI summaryFixes buffer overflow vulnerability in ngx_http_rewrite_module (CVE-2026-9256).
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | Medium |
Fixes buffer overflow vulnerability in ngx_http_rewrite_module. Fixes buffer overflow vulnerability in ngx_http_rewrite_module. Source: llm_adapter@2026-05-22 Confidence: low |
— |
Full changelog
nginx-1.30.2 stable version has been released, with a fix for buffer overflow vulnerability in the ngx_http_rewrite_module (CVE-2026-9256).
See official CHANGES-1.30 on nginx.org.
Below is a release summary generated by GitHub.
What's Changed
- nginx-1.30.2-RELEASE by @pluknet in https://github.com/nginx/nginx/pull/1397
Full Changelog: https://github.com/nginx/nginx/compare/release-1.30.1...release-1.30.2
Security Fixes
- CVE-2026-9256 — buffer overflow vulnerability in ngx_http_rewrite_module
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About NGINX
HTTP and reverse proxy server, mail proxy server, and generic TCP/UDP proxy server.
Related context
Related tools
Beta — feedback welcome: [email protected]