[CLSA-2026:1779490231] Fix CVE(s): CVE-2026-21713
Type:
security
Severity:
Moderate
Release date:
2026-05-22 22:50:40 UTC
Description:
* SECURITY UPDATE: Timing side-channel in Web Cryptography HMAC verification - debian/patches/CVE-2026-21713.patch: use CRYPTO_memcmp instead of memcmp in HMAC signature verification to prevent timing attacks - CVE-2026-21713
Updated packages:
  • alt-nodejs18-docs_18.20.8-10_amd64.deb
    sha:ad9069dce11c48f5412f9606edaed0e035857ca7
  • alt-nodejs18-nodejs_18.20.8-10_amd64.deb
    sha:464e2934444bd1e380e7f7560e2f2bb1687c8598
  • alt-nodejs18-nodejs-devel_18.20.8-10_amd64.deb
    sha:8c40d593b2207f451671a7aaeead5569b4c49f78
  • alt-nodejs18-npm_10.8.2-18.20.8.10_amd64.deb
    sha:b2ccfd616cb9b6106824bd753cfd7745d6e1f35f
  • alt-nodejs18-docs_18.20.8-10_arm64.deb
    sha:8ef1b2432712c99ee513fec5c0a51f20bb7c3e07
  • alt-nodejs18-nodejs_18.20.8-10_arm64.deb
    sha:f31ba5630b46f4ea75213f623e95c54bf9e66fa9
  • alt-nodejs18-nodejs-devel_18.20.8-10_arm64.deb
    sha:cedb6088855941ce1aa25dac79f6b547cce7e28a
  • alt-nodejs18-npm_10.8.2-18.20.8.10_arm64.deb
    sha:93e1038a3c5d3cf279259d16fadaefa4fe0b7719
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.