[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-2391

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
165f9045 by Salvatore Bonaccorso at 2026-02-14T16:35:17+01:00
Add Debian bug reference for CVE-2026-2391

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -660,7 +660,7 @@ CVE-2026-26080 [BUG/MAJOR: quic: fix parsing frame type]
        [bullseye] - haproxy <not-affected> (Vulnerable code introduced later)
        NOTE: Fixed by: 
https://git.haproxy.org/?p=haproxy-3.2.git;a=commit;h=5bb098ce8a656ec5711b4de3e4c87f12b216e7a1
 (v3.2.12)
 CVE-2026-2391 (### Summary The `arrayLimit` option in qs does not enforce 
limits for  ...)
-       - node-qs <unfixed>
+       - node-qs <unfixed> (bug #1127940)
        [trixie] - node-qs <no-dsa> (Minor issue)
        [bookworm] - node-qs <no-dsa> (Minor issue)
        [bullseye] - node-qs <postponed> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/165f9045f5bc2bae69337d2448c2c1bfe8166462

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/165f9045f5bc2bae69337d2448c2c1bfe8166462
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits