[CLSA-2026:1770823096] Fix CVE(s): CVE-2025-59466, CVE-2026-21637

Type:

security

Severity:

Important

Release date:

2026-02-11 15:18:21 UTC

Description:

   * SECURITY UPDATE: TLS callback exception handling vulnerability
     - debian/patches/CVE-2026-21637.patch: route pskCallback exceptions through
       error handlers to prevent remote attackers from crashing TLS servers
     - CVE-2026-21637
   * SECURITY UPDATE: Stack overflow exception handling in async_hooks
     - debian/patches/CVE-2025-59466.patch: rethrow stack overflow exceptions
       in async_hooks instead of calling FatalException
     - CVE-2025-59466

Updated packages:

alt-nodejs16-docs_16.20.2-11_amd64.deb
sha:12dd4dc819be3bb8ebf0c45b83a4a55fd8577654
alt-nodejs16-nodejs_16.20.2-11_amd64.deb
sha:ed85cfabbe2a48892ff60c8df9a7a8d97a8e3e5e
alt-nodejs16-nodejs-devel_16.20.2-11_amd64.deb
sha:4d2fde1bb823344bd74b8da1bf4a6016471d39f2
alt-nodejs16-npm_8.19.4-16.20.2-11_amd64.deb
sha:7e8ad294848b082caa05ea267c3efd30139df6ad

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.