Back to Changelog
v1.31.0-nginx-panel
Critical security fix: nginx upgraded to 1.31.0 to patch CVE-2026-42945
Improvements
2- Build details: compiled on Ubuntu 22.04 (gcc 11.4.0), GLIBC max 2.34, stripped, identical configure flags to 1.28.3.
- Apply requires nginx-panel restart (~2 seconds panel UI interruption; frontend reconnects automatically).
Bug Fix
1- Fixed by upstream nginx 1.31.0, released by F5 on 2026-05-13 as a coordinated advisory.
Security Fixes
2- Fix CVE-2026-42945 (CVSS 9.2 CRITICAL) — heap buffer overflow in ngx_http_rewrite_module that could allow remote code execution on systems with weak or disabled ASLR.
- Affected: Panel nginx versions 0.6.27 through 1.30.0. Panelica previous build (1.28.3) was vulnerable.