Release date:
2026-05-27 13:00:19 UTC
Description:
- CVE-2026-21714: propagate NGHTTP2_ERR_FLOW_CONTROL in OnInvalidFrame
so Http2Session is destroyed after connection-level WINDOW_UPDATE overflow
instead of leaking memory
Updated packages:
-
alt-nodejs12-nodejs-12.22.12-19.el7.x86_64.rpm
sha:8fd354ec570165c96656dad62fa30b50c773c1c46b08757d0ecddc4469a05c9f
-
alt-nodejs12-nodejs-devel-12.22.12-19.el7.x86_64.rpm
sha:657e2454d02e22dd7ef7ebd9eb33cb6df669714b9cfd99dd8673081ef8742fa2
-
alt-nodejs12-nodejs-docs-12.22.12-19.el7.noarch.rpm
sha:6e59e85a975e3fab6c1330052e5185c9b86b26acf55140e64ac6772abb5bef35
-
alt-nodejs12-npm-6.14.16-12.22.12.19.el7.x86_64.rpm
sha:d44fd946744032f9bae84427ed3b3069dbf5b034584704003b1739c1b7b1db69
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
