Release date:
2026-05-22 22:13:09 UTC
Description:
* SECURITY UPDATE: Timing side-channel in Web Cryptography HMAC verification
- debian/patches/CVE-2026-21713.patch: use CRYPTO_memcmp instead of memcmp
in HMAC signature verification to prevent timing attacks
- CVE-2026-21713
Updated packages:
-
alt-nodejs18-docs_18.20.8-10_amd64.deb
sha:5ca362c2941f0ba2bd1ea1553fc91c083f4af6c5
-
alt-nodejs18-nodejs_18.20.8-10_amd64.deb
sha:aa5b18b55eab77c670444aa291a969fd937b1d71
-
alt-nodejs18-nodejs-devel_18.20.8-10_amd64.deb
sha:487253a58653a0d5bc994362e14390ce39275d6b
-
alt-nodejs18-npm_10.8.2-18.20.8.10_amd64.deb
sha:2cca616847bac54cb7e9b18a6d88e832d139d56f
-
alt-nodejs18-docs_18.20.8-10_arm64.deb
sha:0cf5569ad097ba79b3d1d38008acba7c72bf72d1
-
alt-nodejs18-nodejs_18.20.8-10_arm64.deb
sha:f3ab0617ec961320f9ea48c8013b29193068026b
-
alt-nodejs18-nodejs-devel_18.20.8-10_arm64.deb
sha:2119864fab2232f95a024f82cc475670909dbfe4
-
alt-nodejs18-npm_10.8.2-18.20.8.10_arm64.deb
sha:8b87a312b5624cec5cb383b39fef82cce37a85e3
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
