-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6130-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 12, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : haproxy CVE ID : CVE-2026-26081 Asim Viladi Oglu Manizada reported that HAProxy, a load balancing reverse proxy, does not properly validate an INITIAL QUIC packet with specially crafted data, which may result in denial of service (process crash). For the stable distribution (trixie), this problem has been fixed in version 3.0.11-1+deb13u2. We recommend that you upgrade your haproxy packages. For the detailed security status of haproxy please refer to its security tracker page at: https://security-tracker.debian.org/tracker/haproxy Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmmN5ZVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TVRw//YiM2kr4yFru9gbMS5WURR1riU+Z+ja4ucG75h6mtLyZ6ZT1tS2xzxBcd UwaU24bnEKnANHYvppQ3vDsFXNNkFiHQ3TeOghu5sgDVGBCQpcPAkrVbnbiNz5BD JKvLQyBgYDBH7sto2k6DAI9XaPICJVS+7XkdoEw9+n13BORV5b70V7IkhKdDgZcw BcDewQBDiFaP490qutomwzkiOgFt3fmLvphfel+2YPjq/I2Zq8Pm3u+hUmcQrz0F t68ukEgaHFuAAi71UXWVAupQYReNEvKtajqC32mHMehdQN3uzZKpC1vp7wbSI5c2 e5WJal3DeXW0vxHZ1NgA/z2cX3K/2urQdObalP52rKroAaL4zENVo0VL02O6KOes t0uVM4oqphEitLo7AtSG8Bw/+lpOETMD6SIuHw3osu6nZVv1qAq9wUKpxip/cF7M 5HcyOSkr95wb9FO1qPszP3T+bYDVK0IjCQ7n50H/yh5jeJIkTYaYRBp4s0O8PMkA Xz/xhRWxTL82bSnlSfQetXgDT1N1m1cbcGL3ldY3z4UY7dHj57V5NAoWDX7QzvXv 39WF8nA7NNq6HPz0rOCCXkQ3J4N5jUOTBKANlxp56fgciVDOicP5YBIINnX1NtNW qbdHgWb/u9cW97+uW9tv4kgw92WYySE7P/sdezeX/fS3pkgw0QQ= =Tu8x -----END PGP SIGNATURE-----
