Release date:
2026-05-22 10:01:36 UTC
Description:
* SECURITY UPDATE: memory leak in HTTP/2 on flow control window overflow
- debian/patches/CVE-2026-21714.patch: treat NGHTTP2_ERR_FLOW_CONTROL in
OnInvalidFrame so Http2Session is destroyed after invalid connection-level
WINDOW_UPDATE instead of leaking
- CVE-2026-21714
Updated packages:
-
alt-nodejs16-docs_16.20.2-19_amd64.deb
sha:d3d90b19b2e03717245c9c4fab146c861acc7cee
-
alt-nodejs16-nodejs_16.20.2-19_amd64.deb
sha:722414d290e6e8a382003eab93647434f8ade439
-
alt-nodejs16-nodejs-devel_16.20.2-19_amd64.deb
sha:f9ca7bdc30b63fd8d81ee50893fc483534b7c573
-
alt-nodejs16-npm_8.19.4-16.20.2-19_amd64.deb
sha:2475f5ca1a534fe9dadfa6658ef723336fca21e6
-
alt-nodejs16-docs_16.20.2-19_arm64.deb
sha:8d13adfb2596a03be6014c8b2961c690a8298038
-
alt-nodejs16-nodejs_16.20.2-19_arm64.deb
sha:8f7f8f5dae8a709cf66ca1fcb791acb9d78a0e44
-
alt-nodejs16-nodejs-devel_16.20.2-19_arm64.deb
sha:5fe9acfe7a77df45cf8e99dbc79840d5b3255949
-
alt-nodejs16-npm_8.19.4-16.20.2-19_arm64.deb
sha:3d788655b4bc408bf9ab060589e2b11cd3624d1a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
