Release date:
2026-05-22 21:54:39 UTC
Description:
* SECURITY UPDATE: memory leak in HTTP/2 on flow control window overflow
- debian/patches/CVE-2026-21714.patch: treat NGHTTP2_ERR_FLOW_CONTROL in
OnInvalidFrame so Http2Session is destroyed after invalid connection-level
WINDOW_UPDATE instead of leaking
- CVE-2026-21714
Updated packages:
-
alt-nodejs14-docs_14.21.3-22_amd64.deb
sha:dd557fa652663d1bc297e607024471a5f7384c3f
-
alt-nodejs14-nodejs_14.21.3-22_amd64.deb
sha:5ac8877207e1c9bee8c570cbdabdd50aa25fd7c1
-
alt-nodejs14-nodejs-devel_14.21.3-22_amd64.deb
sha:fcb9c324e388f7abd305dc8e7ffe2d72d3219277
-
alt-nodejs14-npm_6.14.18-14.21.3-22_amd64.deb
sha:e477a036aefa98d849146fd82e4c565dfbde1329
-
alt-nodejs14-docs_14.21.3-22_arm64.deb
sha:5d8a6e8af8cfc5e158fa05082975b1989d6cc27a
-
alt-nodejs14-nodejs_14.21.3-22_arm64.deb
sha:5c53d915636c5bae0d077c4f67f9310da7a1a2dc
-
alt-nodejs14-nodejs-devel_14.21.3-22_arm64.deb
sha:1dff85c703e8e77943305e8bb684baa6c3675837
-
alt-nodejs14-npm_6.14.18-14.21.3-22_arm64.deb
sha:1a0355c65f805806035b15e107dcfcc2c2dfd007
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
