Release date:
2026-05-27 07:01:26 UTC
Description:
- CVE-2026-21714: propagate NGHTTP2_ERR_FLOW_CONTROL in OnInvalidFrame
so Http2Session is destroyed after connection-level WINDOW_UPDATE overflow
instead of leaking memory
Updated packages:
-
alt-nodejs14-nodejs-14.21.3-21.el10.x86_64.rpm
sha:13042fffee31779940294baaa8c7a27a33b2c07b0d8e53d9ecbc33588d3a280b
-
alt-nodejs14-nodejs-devel-14.21.3-21.el10.x86_64.rpm
sha:a68c44251395805e59589c13570df1acd32dcbe1f74943cfaec00137759a8f2d
-
alt-nodejs14-nodejs-docs-14.21.3-21.el10.noarch.rpm
sha:53e9f9d9b461bf18016df761b184723c84af787a6fe5506f84f6b80001a256b7
-
alt-nodejs14-npm-6.14.18-14.21.3.21.el10.x86_64.rpm
sha:3dd61f7abc087b6d2637e425739b6413004f7a19c6c1fbc50134257bc9d92932
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
