Release date:
2026-05-22 22:41:25 UTC
Description:
* SECURITY UPDATE: memory leak in HTTP/2 on flow control window overflow
- debian/patches/CVE-2026-21714.patch: treat NGHTTP2_ERR_FLOW_CONTROL in
OnInvalidFrame so Http2Session is destroyed after invalid connection-level
WINDOW_UPDATE instead of leaking
- CVE-2026-21714
Updated packages:
-
alt-nodejs18-docs_18.20.8-12_amd64.deb
sha:0773c253b50cd13ef0fd975a145adc0b36b62e83
-
alt-nodejs18-nodejs_18.20.8-12_amd64.deb
sha:35cd09cdfbb77a3bc9f475edaa02918d2fe3182c
-
alt-nodejs18-nodejs-devel_18.20.8-12_amd64.deb
sha:3c45cf5cd61524661a7e34a5a0608a4505321244
-
alt-nodejs18-npm_10.8.2-18.20.8.12_amd64.deb
sha:6146fd5ed6c1c4505c235c7f18c1388502d3fbd4
-
alt-nodejs18-docs_18.20.8-12_arm64.deb
sha:de55bcb71bb88e0e19949d63e229bad0b14a0d15
-
alt-nodejs18-nodejs_18.20.8-12_arm64.deb
sha:0fed4c2cd1ecd098c3f342e1e040c2c6dccfab0b
-
alt-nodejs18-nodejs-devel_18.20.8-12_arm64.deb
sha:3d049311fab277ae71d0e71d37deceac1d49cb41
-
alt-nodejs18-npm_10.8.2-18.20.8.12_arm64.deb
sha:54a259e3daa2e981d7fae11c235c002cdc35f4a5
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
