Release date:
2026-05-27 14:00:40 UTC
Description:
* SECURITY UPDATE: memory leak in HTTP/2 on flow control window overflow
- debian/patches/CVE-2026-21714.patch: treat NGHTTP2_ERR_FLOW_CONTROL in
OnInvalidFrame so Http2Session is destroyed after invalid connection-level
WINDOW_UPDATE instead of leaking
- CVE-2026-21714
Updated packages:
-
alt-nodejs12-docs_12.22.12-20_amd64.deb
sha:9e05c1fa60468cc9c0f227b8caf9dfd73b4ac688
-
alt-nodejs12-nodejs_12.22.12-20_amd64.deb
sha:ecbf9ca82352f39e89a116c64c2e5314b8c9ef41
-
alt-nodejs12-nodejs-devel_12.22.12-20_amd64.deb
sha:5cf76abfaedff05d798334f1f30f1b1e34eac734
-
alt-nodejs12-npm_6.14.16-12.22.12.20_amd64.deb
sha:61b4beef06aa7763d35258ed9ffdd6bb13aad531
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
