Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 923808bb by Salvatore Bonaccorso at 2026-02-12T15:14:57+01:00 Add CVE-2026-26081/haproxy - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,9 @@ +CVE-2026-26081 [BUG/MAJOR: quic: reject invalid token] + - haproxy <unfixed> + [bookworm] - haproxy <not-affected> (Vulnerable code introduced later) + [bullseye] - haproxy <not-affected> (Vulnerable code introduced later) + NOTE: Fixed by: https://git.haproxy.org/?p=haproxy-3.0.git;a=commit;h=a05eade0f07483e6b6d0b61b1749e9093647e802 (v3.0.16) + NOTE: Fixed by: https://git.haproxy.org/?p=haproxy-3.2.git;a=commit;h=4765277f4f915baac2d57db63538ff0a59966deb (v3.2.12) CVE-2026-2391 (### Summary The `arrayLimit` option in qs does not enforce limits for ...) TODO: check CVE-2026-2327 (Versions of the package markdown-it from 13.0.0 and before 14.1.1 are ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/923808bbf614c38343f92c45634a59d5f6919533 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/923808bbf614c38343f92c45634a59d5f6919533 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
