Release date:
2026-05-25 12:49:58 UTC
Description:
- CVE-2026-21714: propagate NGHTTP2_ERR_FLOW_CONTROL in OnInvalidFrame
so Http2Session is destroyed after connection-level WINDOW_UPDATE overflow
instead of leaking memory
Updated packages:
-
alt-nodejs18-nodejs-18.20.8-12.el7.x86_64.rpm
sha:75ad08583e4557496a0f8ee7bf7029c80671c197b2da709c3298586c6bf3e59d
-
alt-nodejs18-nodejs-devel-18.20.8-12.el7.x86_64.rpm
sha:5b700c8718fe4bcb8e327ad648aa939716b293f3cf0751222e1b7384f93de574
-
alt-nodejs18-nodejs-docs-18.20.8-12.el7.noarch.rpm
sha:abd815d36cbd4d1d9f34f7f3b991120b8d90f2f49dc17abc94303b48ef6e395c
-
alt-nodejs18-npm-10.8.2-18.20.8.12.el7.x86_64.rpm
sha:9e6633db84dc9243ae37d1cd29cf4ffa560b1f4fc61ab8e25d78fb6041b8c394
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
