Release date:
2026-07-06 15:51:05 UTC
Description:
- CVE-2026-48933: guard WebCrypto AES cipher output length to prevent an
integer overflow that crashes the process on ~2GiB subtle.encrypt inputs
- CVE-2026-48934: bind reusable TLS sessions to the authenticated host so a
resumed session cannot bypass server identity (hostname) verification
Updated packages:
-
nodejs-16.20.2-8.el9_6.tuxcare.els14.x86_64.rpm
sha:aa0b7164eb86c958e2e939c292c49cebd8b76714d5a7c2a9d17cff75dfa408ec
-
nodejs-devel-16.20.2-8.el9_6.tuxcare.els14.x86_64.rpm
sha:023e0c439ca68528b33a63a6b44429ff268b73eb3828b683862edc0c0a969207
-
nodejs-docs-16.20.2-8.el9_6.tuxcare.els14.noarch.rpm
sha:dfd576369a3da42e29cb3ba7ed8f09f9d3f983b1426707c1e0a4b620407ac2a5
-
nodejs-full-i18n-16.20.2-8.el9_6.tuxcare.els14.x86_64.rpm
sha:482dfb50dc74131eb3cc2fb523c7e92fe74122bc1c9390d99b467b990b6f6a61
-
nodejs-libs-16.20.2-8.el9_6.tuxcare.els14.i686.rpm
sha:ccaf466921f934855dfcb5ac6e305dba052a152110e837ac5138b30ac1e8e9d3
-
nodejs-libs-16.20.2-8.el9_6.tuxcare.els14.x86_64.rpm
sha:e106767d7d191a447d307da0e78b53182e5c8afe6bdd94240bcbe56c802fbc00
-
npm-8.19.4_1.16.20.2-8.el9_6.tuxcare.els14.x86_64.rpm
sha:e3621f90c08b485890faac16f7fab6a0854dcdecb7084d2bd9f208779ef4e67c
-
v8-devel-9.4.146.26_1.16.20.2-8.el9_6.tuxcare.els14.x86_64.rpm
sha:7f3a58a8415a621d8e52396b7379d3882e3fd607299c8af6abbd04d9c988ed65
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.