[CLSA-2026:1779886572] alt-nodejs12-nodejs: Fix of CVE-2026-21714
Type:
security
Severity:
Moderate
Release date:
2026-05-27 12:56:18 UTC
Description:
- CVE-2026-21714: propagate NGHTTP2_ERR_FLOW_CONTROL in OnInvalidFrame so Http2Session is destroyed after connection-level WINDOW_UPDATE overflow instead of leaking memory
Updated packages:
  • alt-nodejs12-nodejs-12.22.12-19.el8.x86_64.rpm
    sha:cb1a28e58f124900ddf14eed8331a1e0c633dd8b0b3b4adffa650ddc11fff824
  • alt-nodejs12-nodejs-devel-12.22.12-19.el8.x86_64.rpm
    sha:2a53352b32f5153a6b896c3739611f6943a47db2fe133fdf876a6e5a403ed327
  • alt-nodejs12-nodejs-docs-12.22.12-19.el8.noarch.rpm
    sha:352e70d763d51396243ede5f2cccb75a708afb2a937b9e25c1b5911018ce99fc
  • alt-nodejs12-npm-6.14.16-12.22.12.19.el8.x86_64.rpm
    sha:d15873ca2fed27120dcf122816d0f54f1c10c074b9d63a7dde72a69b1a97f222
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.