Files
ragflow/Dockerfile
Virus 0f08dc070d fix: update nginx version. fix CVE-2026-9256 (#16732)
### Summary
Updates the NGINX package used in the RAGFlow Docker image from
`1.31.0-1~noble` to `1.31.2-1~noble`.

NGINX 1.31.0 is affected by CVE-2026-9256. NGINX 1.31.2 includes
the corresponding security fix and is available from the official
NGINX mainline repository for Ubuntu Noble.

### References
- nginx security advisories:
https://nginx.org/en/security_advisories.html
- Vendor advisory: https://my.f5.com/manage/s/article/K000161377

### Fix
Single-line change in `Dockerfile:62`:

```diff
-ARG NGINX_VERSION=1.31.0-1~noble
+ARG NGINX_VERSION=1.31.2-1~noble

Co-authored-by: duanyuan <duanyaun@uyuyue.com>
2026-07-08 19:19:06 +08:00

13 KiB