Release date:
2026-05-28 12:15:01 UTC
Description:
- CVE-2026-21714: propagate NGHTTP2_ERR_FLOW_CONTROL in OnInvalidFrame
so Http2Session is destroyed after connection-level WINDOW_UPDATE overflow
instead of leaking memory
Updated packages:
-
alt-nodejs16-nodejs-16.20.2-20.el10.x86_64.rpm
sha:da577b67031dbcda596cb78f3b00b02d489dfabd72e12cff994a8db64a2e366d
-
alt-nodejs16-nodejs-devel-16.20.2-20.el10.x86_64.rpm
sha:8faac12865c8d1c20d7e184dde3ec0ccc8e7729528ca4bc1ee307d33ef88b73a
-
alt-nodejs16-nodejs-docs-16.20.2-20.el10.noarch.rpm
sha:0a490fb115a8282b49e900c68a747211f0ebeb331aa6f533d69133dc9f3eaf4f
-
alt-nodejs16-npm-8.19.4-16.20.2.20.el10.x86_64.rpm
sha:c5945e6e48a6f6c4e8eb348e28d60368f8d0ba58d6bfca9541507b6abf9657c3
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
