/ Register

Learn about Centmin Mod LEMP Stack today
Become a Member

Security Nginx 1.31.1 Security Update - 1 CVE Fixed (CVE-2026-9256)

Discussion in 'Centmin Mod News' started by eva2000, May 23, 2026.

Tags:
Thread Status:
Not open for further replies.
Previous Thread Next Thread
Loading...
  1. May 23, 2026 #1
    eva2000

    eva2000 Administrator Staff Member

    58,893
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    11:29 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    Nginx 1.31.1 (mainline) and 1.30.2 (stable) have been released with a fix for 1 security vulnerability. All three Centmin Mod branches (132.00stable, 140.00beta01, 141.00beta01) have been updated to Nginx 1.31.1 as the new default.

    CVE addressed:
    • CVE-2026-9256 - Heap buffer overflow in ngx_http_rewrite_module worker process when using a configuration with overlapping captures (potential arbitrary code execution)
    To update, run cmupdate and then centmin.sh menu option 4 to recompile Nginx. Or instead of cmupdate, update your local code first via centmin.sh menu option 23 submenu option 2 and then centmin.sh menu option 4 to recompile Nginx.

    Example cmupdate run before you run centmin.sh menu option 4 (type centmin to launch centmin.sh shell based menu):
    Code (Text):
    cmupdate

-------------------------------------
Updating Centmin Mod code
-------------------------------------

* 141.00beta01
Checking for updates on origin/141.00beta01 ...
remote: Enumerating objects: 7, done.
remote: Counting objects: 100% (7/7), done.
remote: Compressing objects: 100% (1/1), done.
remote: Total 4 (delta 3), reused 4 (delta 3), pack-reused 0 (from 0)
Unpacking objects: 100% (4/4), 426 bytes | 42.00 KiB/s, done.
From https://github.com/centminmod/centminmod
 * branch            141.00beta01 -> FETCH_HEAD
   7ed9b15..ee8147e  141.00beta01 -> origin/141.00beta01
Fast-forwarding 141.00beta01 to origin/141.00beta01 ...
Updating 7ed9b15..ee8147e
Fast-forward
 centmin-cli.sh | 4 ++--
 centmin.sh     | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
Updated to ee8147e update nginx 1.31.1 default for CVE security fix in 141.00beta01.
Latest commit: ee8147e (2026-05-23)
    update nginx 1.31.1 default for CVE security fix in 141.00beta01

    centmin.sh menu option 4
    Code (Text):
    --------------------------------------------------------
     Centmin Mod Menu 141.00beta01 centminmod.com     
--------------------------------------------------------
1).  Centmin Install
2).  Add Nginx vhost domain
3).  NSD setup domain name DNS
4).  Nginx Upgrade / Downgrade
5).  PHP Upgrade / Downgrade
6).  MySQL User Database Management
7).  Persistent Config File Management
8).  PostgreSQL Server Management
9).  Option Being Revised (TBA)
10). Memcached Server Re-install
11). MariaDB MySQL Upgrade & Management
12). Zend OpCache Install/Re-install
13). Install/Reinstall Redis PHP Extension
14). SELinux disable
15). Install/Reinstall ImagicK PHP Extension
16). Change SSHD Port Number
17). Multi-thread compression: zstd,pigz,pbzip2,lbzip2
18). Suhosin PHP Extension install
19). Install FFMPEG and FFMPEG PHP Extension
20). NSD Install/Re-Install
21). Data Transfer
22). Add Wordpress Nginx vhost + Cache Plugin
23). Update Centmin Mod Code Base
24). Exit
--------------------------------------------------------
Enter option [ 1 - 24 ] 4
--------------------------------------------------------

    Code (Text):
    Nginx Upgrade - Would you like to continue? [y/n] y

Current Nginx Version: 1.31.0 (160526-115631-almalinux9-virtualbox-kvm-1ce5b62)

Install which version of Nginx? (version i.e. type 1.31.1): 1.31.1

Do you still want to continue? [y/n] y


    Updated Nginx 1.31.1 output from nginx -V output
     
  2. May 23, 2026 #2
    eva2000

    eva2000 Administrator Staff Member

    58,893
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    11:29 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    Centmin Mod 140.00beta01 and 141.00beta01 new SSH login MOTD will also notify you of new Nginx 1.31.1 update availability. Example on AlmaLinux 9.7
    Code (Text):
    ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 host: host.domain.com  on  AlmaLinux 9.7  │  users: 2 (root)
 load: 0.23, 0.14, 0.06 (1/5/15)  │  proc: 557  │  up: 5d 8h 20m 18s
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 mem  ▓▓░░░░░░░░  16%  used 20Gi / 125Gi   avail 104Gi
 swap ░░░░░░░░░░   0%  used 0B / 16Gi
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Filesystem     Type  Size  Used Avail Use% Mounted on
/dev/md126     ext4  2.6T  263G  2.2T  11% /  ▓░░░░░░░░░
/dev/md127     ext4  986M  347M  573M  38% /boot  ▓▓▓▓░░░░░░
/dev/md124     ext4  1.9T  144G  1.6T   9% /var  ▓░░░░░░░░░
/dev/md123     vfat  512M  7.5M  505M   2% /boot/efi  ░░░░░░░░░░
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 [!!] CSF Firewall — DO NOT run `iptables -F` (will lock you out)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 Docs:  centminmod.com/{getstarted,faq,configfiles}  ·  blog.centminmod.com
 Forum: community.centminmod.com   [ << Register ]
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 * cmsec: running 5 kernel CVE check(s), please wait...
 * CVE-2026-31431 (almalinux kernel): PATCHED
 * CVE-2026-43284 (almalinux kernel): PATCHED
 * CVE-2026-43500 (almalinux kernel): NOT AFFECTED
 * CVE-2026-46300 (almalinux kernel): PATCHED
 * CVE-2026-46333 (almalinux kernel): PATCHED
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 [!!]  Nginx  1.31.0 → 1.31.1 available — run centmin.sh menu 4
 [OK]  Centmin Mod 141.00beta01 — up to date
 [OK]  CSF    15.02 (matches mirror)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
     
Previous Thread Next Thread
Loading...
Thread Status:
Not open for further replies.

.