Release date:
2026-05-22 17:54:32 UTC
Description:
* SECURITY UPDATE: memory leak in HTTP/2 on flow control window overflow
- debian/patches/CVE-2026-21714.patch: treat NGHTTP2_ERR_FLOW_CONTROL in
OnInvalidFrame so Http2Session is destroyed after invalid connection-level
WINDOW_UPDATE instead of leaking
- CVE-2026-21714
Updated packages:
-
alt-nodejs16-docs_16.20.2-19_amd64.deb
sha:3b2455eaee3c0505c369777dfb4d03123fb2cdaa
-
alt-nodejs16-nodejs_16.20.2-19_amd64.deb
sha:5520b6d04fc90bf60eb8e541563412e2a3447578
-
alt-nodejs16-nodejs-devel_16.20.2-19_amd64.deb
sha:7848ad2520a3d98fc39dad224db1fe22a5f7217a
-
alt-nodejs16-npm_8.19.4-16.20.2-19_amd64.deb
sha:178171e3def9b42434c9372202418de2b0d2a0b8
-
alt-nodejs16-docs_16.20.2-19_arm64.deb
sha:476078786b73197e5700cd335c91046680faad28
-
alt-nodejs16-nodejs_16.20.2-19_arm64.deb
sha:f73d3658ff7b2a8138e5ef2dcc7e83bdb92f2df7
-
alt-nodejs16-nodejs-devel_16.20.2-19_arm64.deb
sha:bb8397132241158ff8cd6cff62b8acbab6cb62fa
-
alt-nodejs16-npm_8.19.4-16.20.2-19_arm64.deb
sha:f97be340057ccb82e9fd6735aeccf5fb62f792ea
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
