[CLSA-2026:1770823478] Fix CVE(s): CVE-2025-59466, CVE-2026-21637

Type:

security

Severity:

Important

Release date:

2026-02-11 15:24:43 UTC

Description:

   * SECURITY UPDATE: Stack overflow exception handling in async_hooks
     - debian/patches/CVE-2025-59466.patch: rethrow stack overflow exceptions
       in async_hooks instead of calling FatalException
     - CVE-2025-59466
   * SECURITY UPDATE: TLS callback exception handling vulnerability
     - debian/patches/CVE-2026-21637.patch: route pskCallback exceptions through
       error handlers to prevent remote attackers from crashing TLS servers
     - CVE-2026-21637

Updated packages:

alt-nodejs14-docs_14.21.3-18_amd64.deb
sha:cab84a5d6f6c8b5fe5207412c97c13e6e0e81729
alt-nodejs14-nodejs_14.21.3-18_amd64.deb
sha:578222f4d5a79c80787c87305923d2bd338e24a9
alt-nodejs14-nodejs-devel_14.21.3-18_amd64.deb
sha:ee1fa90437d9d6eec1497d34e661e687cd09e6e0
alt-nodejs14-npm_6.14.18-14.21.3-18_amd64.deb
sha:0c38e310ae6b41f04a65cfbc8b2cb01b5f087463

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.