Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 502
Alerts This Week
Warning Icon 1 502

Fedora 44 nginx-mod-fancyindex Serious Denial of Service Vulnerability

fedora
Calendar Grey April 25, 2026
Dist Fedora Esm H88
Critical updates for nginx-mod-fancyindex on Fedora 44 highlight significant vulnerabilities and recommended actions.
nginx-mod-brotli: Rebuild for 1.28.3 nginx-mod-fancyindex: Rebuild for 1.28.3 nginx-mod-naxsi:

Summary

The Fancy Index module makes possible the generation of file listings,

like the built-in autoindex module does, but adding a touch of style.

This is possible because the module allows a certain degree of

customization of the generated content:

* Custom headers. Either local or stored remotely.

* Custom footers. Either local or stored remotely.

* Add you own CSS style rules.

* Allow choosing to sort elements by name (default),

modification time, or size; both ascending (default),

or descending.

Update Information:

nginx-mod-brotli: Rebuild for 1.28.3 nginx-mod-fancyindex: Rebuild for 1.28.3 nginx-mod-naxsi: Rebuild for 1.28.3 nginx-mod-headers-more: Rebuild for 1.28.3 nginx-mod-vts: Rebuild for 1.28.3 nginx-mod-modsecurity: Rebuild for 1.28.3 nginx: Update to 1.28.3 fixes CVE-2026-27654, CVE-2026-27784, CVE-2026-32647, CVE-2026-27651, CVE-2026-28753, CVE-2026-28755

Change Log

* Wed Mar 25 2026 Felix Kaechele - 0.6.0-2 - Rebuild for 1.28.3

References


[ 1 ] Bug #2372546 - Use `systemctl kill` in logrotate postrotate script https://bugzilla.redhat.com/show_bug.cgi?id=2372546 [ 2 ] Bug #2393382 - nginx-upgrade: Support custom PID and config file locations https://bugzilla.redhat.com/show_bug.cgi?id=2393382 [ 3 ] Bug #2413647 - The default server (i.e. _) is not the default server https://bugzilla.redhat.com/show_bug.cgi?id=2413647 [ 4 ] Bug #2445461 - RFE: please enable the geoip module https://bugzilla.redhat.com/show_bug.cgi?id=2445461 [ 5 ] Bug #2450834 - CVE-2026-27651 nginx: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2450834 [ 6 ] Bug #2450837 - CVE-2026-27651 nginx: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2450837 [ 7 ] Bug #2450838 - CVE-2026...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-4de4d247a0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: nginx-mod-fancyindex
Product: Fedora 44
Version: 0.6.0
Release: 2.fc44
Summary: Nginx FancyIndex module

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.