[ALSA-2026:7667] Important: nghttp2 security update
Type:
security
Severity:
important
Release date:
2026-04-14
Description:
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 libnghttp2-1.33.0-6.el8_10.2.aarch64.rpm 3e9fa25fa3aeb75485624f76e8002ebc8c7ce2d4572a672511ace29744e5bae6
aarch64 libnghttp2-devel-1.33.0-6.el8_10.2.aarch64.rpm b9d11b2044708f4b03c81bde2b44c967f7311875dc6498095d0f662b6d7b4a63
aarch64 nghttp2-1.33.0-6.el8_10.2.aarch64.rpm ff0dfcc148cbecf3b65dae19ba58878b781279a3992a16406851b8872f034269
i686 libnghttp2-1.33.0-6.el8_10.2.i686.rpm 42b75ab4263c902fbce8a96eceaf1c34fc9ccb40751970835d36576dd3674139
i686 libnghttp2-devel-1.33.0-6.el8_10.2.i686.rpm 868ca9fd6da428ef7a592a2a14c033afbee08da9b83f60c563366f5b41a38703
ppc64le libnghttp2-devel-1.33.0-6.el8_10.2.ppc64le.rpm 0e286a1b88a3572d0169b27be353806a4043fe80febd9822e1fc2b65cab3a928
ppc64le libnghttp2-1.33.0-6.el8_10.2.ppc64le.rpm b9d427fea2474fbf9ee1531270c8e0d58deb6b04860e81a3873000bf68457fa8
ppc64le nghttp2-1.33.0-6.el8_10.2.ppc64le.rpm cf7f9eed8b1d2fc8c0cf2dbde85fbcb3eaa29c1a2fbbc30d3ddd7fa99583d530
s390x nghttp2-1.33.0-6.el8_10.2.s390x.rpm 137f313b4692b6ac46021a864364dcc2c3bd01f9568840523ef7f7b8f0bcf945
s390x libnghttp2-devel-1.33.0-6.el8_10.2.s390x.rpm 87cf31a14af0ab7487ce5b5d27b76fa49cb35ed5a92fd9e4d7e7a94f91dc6318
s390x libnghttp2-1.33.0-6.el8_10.2.s390x.rpm fcd8b2d2bfa258b5e816585c7f6b6297c2745962e48a4d4459019fa52fe85865
x86_64 libnghttp2-devel-1.33.0-6.el8_10.2.x86_64.rpm 2b79bfe51e16fd4a1ff38e0b98df875c7453071dbf328a5a08de8f823fec3ea4
x86_64 libnghttp2-1.33.0-6.el8_10.2.x86_64.rpm 3ec51c266f7a2c989b8b00c02fa57c19c82a0187584b8a60b628f50dca142c31
x86_64 nghttp2-1.33.0-6.el8_10.2.x86_64.rpm b7f9e93337592abd1b4265f1e229fadaac27734e5302619bb8cf580fcbebdf65
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.