[ALSA-2026:7668] Important: nghttp2 security update
Type:
security
Severity:
important
Release date:
2026-04-15
Description:
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): * nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 nghttp2-1.43.0-6.el9_7.1.aarch64.rpm 1f3d757b9a05831b7a98639fb5409a8c8992043c9642ee28efa7a9bead12ca93
aarch64 libnghttp2-1.43.0-6.el9_7.1.aarch64.rpm d2ffc62dd861d45ce93e865ad802ce6da4be6a6ab8b6d9fbd12743ad9d26f485
aarch64 libnghttp2-devel-1.43.0-6.el9_7.1.aarch64.rpm fe9a83fc18aa5c52326e300abb0424a793fc5b180eb318ff3cca550bdd9822f3
i686 libnghttp2-devel-1.43.0-6.el9_7.1.i686.rpm 3d982bc2796ec8a7f8dd88786426cc2acc61d103a88510c77e8f83381bb2b32f
i686 libnghttp2-1.43.0-6.el9_7.1.i686.rpm b0e5047ba1fcd51dc8ab8c37d2893121c1dceb503305e0eba596a3488a656243
ppc64le libnghttp2-1.43.0-6.el9_7.1.ppc64le.rpm 37d1242ef3caa806bce7c678816c160a9f958b4f35ad81856c719856e19718c2
ppc64le nghttp2-1.43.0-6.el9_7.1.ppc64le.rpm 4691c3ed93451037fc88393ddf11c3a152c015bc5d1abc555f7ae4a3f5d8880d
ppc64le libnghttp2-devel-1.43.0-6.el9_7.1.ppc64le.rpm e931aeb7a608e13be083055d253cf53445ffb4a7bd997f4e29debddda7f7c3ad
s390x nghttp2-1.43.0-6.el9_7.1.s390x.rpm 139feab65922c4563d74a3dbe4aadb02554e379b4e24065d24b8d5bf7ccd5734
s390x libnghttp2-1.43.0-6.el9_7.1.s390x.rpm 6a0890d1d2432031d93cdbdb2024d3a54cdf642ccbbe5235123a4a2f3e567594
s390x libnghttp2-devel-1.43.0-6.el9_7.1.s390x.rpm adcb607821d50668699925d5fe9e0424c2842a002e5338c0f1ba1f353abe0933
x86_64 libnghttp2-1.43.0-6.el9_7.1.x86_64.rpm aef6f9d1d479bb539e35cc605da8856b462caff378bcb493b63b8be34454445d
x86_64 nghttp2-1.43.0-6.el9_7.1.x86_64.rpm b4ac3eee5283b085b0026bc342375b29081d94cf799e5219c62b484d21b07d06
x86_64 libnghttp2-devel-1.43.0-6.el9_7.1.x86_64.rpm eb4cd1d327a188f72feefcf626cd257ee24f4f40501f28135e677cb0b2462c63
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.