Release date:
2026-05-25 11:22:30 UTC
Description:
- CVE-2026-21714: propagate NGHTTP2_ERR_FLOW_CONTROL in OnInvalidFrame
so Http2Session is destroyed after connection-level WINDOW_UPDATE overflow
instead of leaking memory
Updated packages:
-
alt-nodejs18-nodejs-18.20.8-12.el10.x86_64.rpm
sha:9eda1826738728f121ba58de5ecab8a56727bc7b1bb952e47cfcec5a22a18f2a
-
alt-nodejs18-nodejs-devel-18.20.8-12.el10.x86_64.rpm
sha:806fb6eadef57ededb246b01add19bddaf0c23846c7a38e51e8901a200c2f8c2
-
alt-nodejs18-nodejs-docs-18.20.8-12.el10.noarch.rpm
sha:5834bbf96fc084b37309a2018ccdb6b935413a7d22352e8e15bba12edf141744
-
alt-nodejs18-npm-10.8.2-18.20.8.12.el10.x86_64.rpm
sha:4d5014ff0e6a62c34ad866fb0b30f372c46e5c573fb19ae2a4db6793bdf76a5b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
