Release date:
2026-05-28 12:05:27 UTC
Description:
- CVE-2026-21714: propagate NGHTTP2_ERR_FLOW_CONTROL in OnInvalidFrame
so Http2Session is destroyed after connection-level WINDOW_UPDATE overflow
instead of leaking memory
Updated packages:
-
alt-nodejs16-nodejs-16.20.2-20.el7.x86_64.rpm
sha:c0cd1aa01b69d1720519d41946c2cd52d3fb72791ed1e18ca68048f4e15c504e
-
alt-nodejs16-nodejs-devel-16.20.2-20.el7.x86_64.rpm
sha:ec7c66c2c98837c95b5593897740211a6658e686644b045f19a481d9f4e46a94
-
alt-nodejs16-nodejs-docs-16.20.2-20.el7.noarch.rpm
sha:809c1d13f3109cb2d62aa9d4021ebbe3e6423755ba660b3636e28c6edb901b04
-
alt-nodejs16-npm-8.19.4-16.20.2.20.el7.x86_64.rpm
sha:9277606a193a51f63157f332a44981604692293b76bfa13d577fd2f1078e24dd
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
