[CLSA-2026:1771234777] Fix CVE(s): CVE-2025-59466, CVE-2026-21637

Type:

security

Severity:

Important

Release date:

2026-02-16 09:39:41 UTC

Description:

   * SECURITY UPDATE: Stack overflow exception handling in async_hooks
     - debian/patches/CVE-2025-59466.patch: rethrow stack overflow exceptions
       in async_hooks instead of calling FatalException
     - CVE-2025-59466
   * SECURITY UPDATE: TLS callback exception handling vulnerability
     - debian/patches/CVE-2026-21637.patch: route pskCallback exceptions through
       error handlers to prevent remote attackers from crashing TLS servers
     - CVE-2026-21637

Updated packages:

alt-nodejs12-docs_12.22.12-17_amd64.deb
sha:9661a8a80b8069d7f55ca4c3f34da6e7017617d7
alt-nodejs12-nodejs_12.22.12-17_amd64.deb
sha:29c37d8d2f097a40e101a7f23be686b7451f0195
alt-nodejs12-nodejs-devel_12.22.12-17_amd64.deb
sha:f26d384014d443af6714e45111c01fe7d23dbcc4
alt-nodejs12-npm_6.14.16-12.22.12.17_amd64.deb
sha:d1fba3ed9e344a230ab8ea3be179e5418c5201d3

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.