Release date:
2026-05-22 10:05:41 UTC
Description:
- CVE-2026-21714: propagate NGHTTP2_ERR_FLOW_CONTROL in OnInvalidFrame
so Http2Session is destroyed after connection-level WINDOW_UPDATE overflow
instead of leaking memory
Updated packages:
-
alt-nodejs16-nodejs-16.20.2-20.el9.x86_64.rpm
sha:eaf4ed4b00b42fbf54fc194642984ea3ded9c5727673e430c6df59ecbacf1953
-
alt-nodejs16-nodejs-devel-16.20.2-20.el9.x86_64.rpm
sha:2dbd8ed69725df55ff7d66fc7e7460b3b896a2f2c62e6c198880fb1429644a76
-
alt-nodejs16-nodejs-docs-16.20.2-20.el9.noarch.rpm
sha:038fb5d5593af2352b7999954e3c8c7d9d7e926d869c348a1c7701352585dce5
-
alt-nodejs16-npm-8.19.4-16.20.2.20.el9.x86_64.rpm
sha:d8a595b7e9dc0365d04d0e6a1770d920e79e2ee64cd0ac9e1f5900631de77090
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
