Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted haproxy 3.0.11-1+deb13u3 (source) into stable-security
Date: Fri, 22 May 2026 20:13:51 +0000
Signed by: Vincent Bernat <bernat@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 20 May 2026 21:21:22 +0200
Source: haproxy
Architecture: source
Version: 3.0.11-1+deb13u3
Distribution: trixie-security
Urgency: high
Maintainer: Debian HAProxy Maintainers <team+haproxy@tracker.debian.org>
Changed-By: Vincent Bernat <bernat@debian.org>
Changes:
 haproxy (3.0.11-1+deb13u3) trixie-security; urgency=high
 .
   [ Salvatore Bonaccorso ]
   * BUG/MAJOR: h3: check body size with content-length on empty FIN
     (CVE-2026-33555)
 .
   [ Vincent Bernat ]
   * BUG/MAJOR: mux-h2: detect incomplete transfers on HEADERS frames as
     well
   * BUG/MAJOR: http-htx: Store new host in a chunk for scheme-based
     normalization
   * BUG/MAJOR: mux-h1: Deal with true 64-bits integer to emit chunks size
   * BUG/MAJOR: mux-h2: preset MSGF_BODY_CL on H2_SF_DATA_CLEN in
     h2c_dec_hdrs()
   * BUG/MAJOR: slz: always make sure to limit fixed output to less than
     worst case literals
   * BUG/MAJOR: http: forbid comma character in authority value
   * BUG/MEDIUM: h1: Skip all h2c values from Upgrade headers during
     parsing
Checksums-Sha1:
 cbfcc73d6d86b3aca9ae2b6f8a047135b9b5ae5f 2462 haproxy_3.0.11-1+deb13u3.dsc
 3a632c7af55cc189807811a5cb9076ba3d734622 4738655 haproxy_3.0.11.orig.tar.gz
 8dda124e1a2545497b3d8bf2d87086929564d56b 101172 haproxy_3.0.11-1+deb13u3.debian.tar.xz
 63a166396e0bac97d636e345ea2863fa3596a51e 8886 haproxy_3.0.11-1+deb13u3_amd64.buildinfo
Checksums-Sha256:
 11e6fc6750be89dbe61e9ab2b338254957a2724d1f2b5d0b9ea707556a9ebb1f 2462 haproxy_3.0.11-1+deb13u3.dsc
 a133e2d550c5fd9a849b5c7ab17bb945bcdad209ca140d41f45ebf31943ae783 4738655 haproxy_3.0.11.orig.tar.gz
 3c038b0a9f488a846d723aed4cc24f36b12c3cb846deece50e506386a8dbe6b7 101172 haproxy_3.0.11-1+deb13u3.debian.tar.xz
 fb527eeaab61651e68df5689dd663c801c4d50018b9c2361185cd16962b9a185 8886 haproxy_3.0.11-1+deb13u3_amd64.buildinfo
Files:
 063c726077024a4a2c37d465a8e4de80 2462 net optional haproxy_3.0.11-1+deb13u3.dsc
 daa269dc9a9b49318b22ad7676ebea5c 4738655 net optional haproxy_3.0.11.orig.tar.gz
 16e99ccddb2fa1e51ffd787515d3dd24 101172 net optional haproxy_3.0.11-1+deb13u3.debian.tar.xz
 5479da054b176e6e06d9953aa98cb10b 8886 net optional haproxy_3.0.11-1+deb13u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJGBAEBCgAwFiEErvI0h2bzccaJpzYAlaQv6DU1JfkFAmoOrMASHGJlcm5hdEBk
ZWJpYW4ub3JnAAoJEJWkL+g1NSX5xwAP/jbk8DGYFcbJUnh4QcOMKzjGZJ3Of36x
uHxOsGS0L2gLMhdihft4w/TCwy8EN3hmvBeGbFIyhuSwWDX8qBPovIJuTxU+j/5m
wrhSOm4Q8KiSzC6tcYqeB/V6/H2401+8CjXQEIwvr+eO4sOK2E8LaO5TkIq3t2Qx
zqr0zB1GZzR4AnoL58VLcv6tEYJTyFSFvgm8KWDi8ou54aazP3zssxrKrpu6cp6w
cFGgYhuKNzQSFurKHakmdCClKxf9qlFsCTHvcON6X/VPCbE8ke9HZL1vpjTwK850
g3byRDu6aKCCViBSynGDKVfT4sFFsqHVPFeR7/s60FI1x1D11iSPko8ugw5FUYPS
+75gmFRobuV82WioJRsqw16mh0KV9nVzV6yO15h3s6Tmjo/u1/IPXvuwGHJS118w
bPDwNH360crwMelNN3naUfhMb7kjpiyhNmrrH0QAiAYUFie+JPVbNwNcVIwkUesE
M9HchdT2fPUEOFW8Wnqp9QcWxfHL7Dat0u8614ZvAEeM7ez5EGSMVLI5POzpQbMi
zulgY9YckGrd17cGZJ3ndQh5GYFDkrUlolHXbjOxxoXGfOopdTFy5IkpF34N+vk4
jCi72HfcoXyIHG29/OewPKmtU4bSd/w6FtZmliHtnrb6NgyMGtbo8jHkDtws3soa
j2gEgs4Ui11d
=+4Y3
-----END PGP SIGNATURE-----
News for package haproxy
