SUSE-SU-2026:1247-1

This update for nghttp2 fixes the following issue:

• CVE-2026-27135: assertion failure due to missing state validation can lead to DoS (bsc#1259845).