Release date:
2026-05-28 11:16:09 UTC
Description:
* SECURITY UPDATE: memory leak in HTTP/2 on flow control window overflow
- debian/patches/CVE-2026-21714.patch: treat NGHTTP2_ERR_FLOW_CONTROL in
OnInvalidFrame so Http2Session is destroyed after invalid connection-level
WINDOW_UPDATE instead of leaking
- CVE-2026-21714
Updated packages:
-
alt-nodejs16-docs_16.20.2-19_amd64.deb
sha:de179c59d74553fdc26c2e1f267b64d8007248e9
-
alt-nodejs16-nodejs_16.20.2-19_amd64.deb
sha:ca65a87f2a8c3f611562837586abd03f36c61053
-
alt-nodejs16-nodejs-devel_16.20.2-19_amd64.deb
sha:5cdec25698f0beca8157fd2a2bc44fe0dc80b7f1
-
alt-nodejs16-npm_8.19.4-16.20.2-19_amd64.deb
sha:d2532313ae61d6e6e8dfe9e50ed6a54f4f86bd4b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
