-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 30 Mar 2026 16:52:10 +0200
Source: inetutils
Binary: inetutils-ftp inetutils-ftp-dbgsym inetutils-ftpd inetutils-ftpd-dbgsym inetutils-inetd inetutils-inetd-dbgsym inetutils-ping inetutils-ping-dbgsym inetutils-syslogd inetutils-syslogd-dbgsym inetutils-talk inetutils-talk-dbgsym inetutils-talkd inetutils-talkd-dbgsym inetutils-telnet inetutils-telnet-dbgsym inetutils-telnetd inetutils-telnetd-dbgsym inetutils-tools inetutils-tools-dbgsym inetutils-traceroute inetutils-traceroute-dbgsym
Architecture: amd64
Version: 2:2.4-2+deb12u3
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Guillem Jover <guillem@debian.org>
Description:
 inetutils-ftp - File Transfer Protocol client
 inetutils-ftpd - File Transfer Protocol server
 inetutils-inetd - internet super server
 inetutils-ping - ICMP echo tool
 inetutils-syslogd - system logging daemon
 inetutils-talk - talk to another user
 inetutils-talkd - remote user communication server
 inetutils-telnet - telnet client
 inetutils-telnetd - telnet server
 inetutils-tools - base networking utilities (experimental package)
 inetutils-traceroute - trace the IPv4 route to another host
Closes: 1130741 1130742
Changes:
 inetutils (2:2.4-2+deb12u3) bookworm-security; urgency=high
 .
   * Add patch from upstream:
     - Prevent privilege escalation via telnetd abusing systemd service
       credentials support added to the login(1) implementation of util-linux in
       release 2.40. Reported by Ron Ben Yizhak <ron.benyizhak@safebreach.com>.
       Fixes CVE-2026-28372.
     - Ignore all environment options from clients unless the variable was
       listed in the new --accept-env telnetd option. This mitigates privilege
       escalation using environment variables.
       This is the complete fix for CVE-2026-24061, with its own CVE pending.
     - Fix stack buffer overflow processing SLC suboption triplets.
       Reported by Adiel Sol, Arad Inbar, Erez Cohen, Nir Somech, Ben Grinberg,
       Daniel Lubel at DREAM Security Research Team.
       Fixes CVE-2026-32746. (Closes: #1130742)
   * Add the hashcode-string1 module from forky/sid gnulib adapted to bookworm
     required by the --accept-env patch, and the gl_hash_set, gl_set, gl_xset
     and gl_anyhash bookworm gnulib modules required by hashcode-string1.
     Inject new gnulib modules in lib/Makefile.am.
   * Adapt netkit-telnet patch to not leak unexported environment variables to
     telnetd. Reported by Justin Swartz <justin.swartz@risingedge.co.za>.
     Fixes CVE-2026-32772. (Closes: #1130741)
   * Prevent user local privilege escalation using --debug, which was
     susceptible to symlink attacks, or leaking on-wire credentials to a
     user that had pre-created the file and kept it open. Fix by switching
     from /tmp/telnet.debug to /run/telnet/debug.<pid>, and making the
     setup error checks fatal.
     Partially reported by Justin Swartz <justin.swartz@risingedge.co.za>.
   * Update local telnetd man page to match new --debug behavior.
Checksums-Sha1:
 37c247f1714247b8a59f2109d717b54db7a9b3cb 151964 inetutils-ftp-dbgsym_2.4-2+deb12u3_amd64.deb
 9a4475e2a7fc2e31ba959fa5369796a4c6be4c8f 106540 inetutils-ftp_2.4-2+deb12u3_amd64.deb
 b04f8a37e2353491fe227ae2b545e64d1731a9f5 186248 inetutils-ftpd-dbgsym_2.4-2+deb12u3_amd64.deb
 2ceef5d91c46f09b31ffef83ccbbffd9d58529b7 109216 inetutils-ftpd_2.4-2+deb12u3_amd64.deb
 8cc9e693a910fc6d0d62c6b263367c9f1d6345bd 103132 inetutils-inetd-dbgsym_2.4-2+deb12u3_amd64.deb
 5ff78e76fe3de0063b473bdb369855bec78355a8 81820 inetutils-inetd_2.4-2+deb12u3_amd64.deb
 a01a39b41f8806ec9b05c0c1b38350ee41632c6c 194972 inetutils-ping-dbgsym_2.4-2+deb12u3_amd64.deb
 5c0b60523bf5b0d1a58285c84baa99edcac7ba8f 86720 inetutils-ping_2.4-2+deb12u3_amd64.deb
 d118f26678931c1ec2002ea60effadaed95e28e9 110600 inetutils-syslogd-dbgsym_2.4-2+deb12u3_amd64.deb
 11cbf25658952f4b266b468e8f515bca74dd9be7 85024 inetutils-syslogd_2.4-2+deb12u3_amd64.deb
 88baa5889d78e4bea26e8e060c3173e719cc201b 84052 inetutils-talk-dbgsym_2.4-2+deb12u3_amd64.deb
 780227b7f8a26406bd0b7336343f56c728e8cf92 70324 inetutils-talk_2.4-2+deb12u3_amd64.deb
 b7d56f459c7a498b96f40a095a3b46f106374124 99924 inetutils-talkd-dbgsym_2.4-2+deb12u3_amd64.deb
 2ddea5cad9069aaa40bbab9422a46fe6912b3b11 72928 inetutils-talkd_2.4-2+deb12u3_amd64.deb
 d5d814aa69d23cee749a17841514fd7b23c6c208 201136 inetutils-telnet-dbgsym_2.4-2+deb12u3_amd64.deb
 48bc2b2905150e4e1fbff07b42f910cb43cf19ba 120880 inetutils-telnet_2.4-2+deb12u3_amd64.deb
 4e357412310e7a81240b7d7b8b2f0081cc261488 180976 inetutils-telnetd-dbgsym_2.4-2+deb12u3_amd64.deb
 5f3688bc473c4d68612edaba922d92a882b30808 108556 inetutils-telnetd_2.4-2+deb12u3_amd64.deb
 4c1c1893e99470139832e60394f6c7f6f53ab34a 345736 inetutils-tools-dbgsym_2.4-2+deb12u3_amd64.deb
 f32dc1943905b70c69fd8bcb2ef922d30af294b5 101560 inetutils-tools_2.4-2+deb12u3_amd64.deb
 33ba8db073556384933066cf27d2db4ec0d76eee 84904 inetutils-traceroute-dbgsym_2.4-2+deb12u3_amd64.deb
 372ab5b3e55cedac4e17e7d13fff28cb7bc0356a 67976 inetutils-traceroute_2.4-2+deb12u3_amd64.deb
 7308b42ccfc4b6d8ffd2ad315c42d4adc06d6b12 13156 inetutils_2.4-2+deb12u3_amd64-buildd.buildinfo
Checksums-Sha256:
 92758c36c0faa049252dc0254c72d5f3c92068f1388d4854d803a81a7cc9a5be 151964 inetutils-ftp-dbgsym_2.4-2+deb12u3_amd64.deb
 8608264e3b304413f739b836a14cab65d456bec2b8305f5e3a612e15cb08a00c 106540 inetutils-ftp_2.4-2+deb12u3_amd64.deb
 c5cce3f3de82c0b0add7eeb0011460ec8a44e315ad101df043af0f2d4f19cfea 186248 inetutils-ftpd-dbgsym_2.4-2+deb12u3_amd64.deb
 440fb4123e51bf923a98d7814d1fa638664a9df2fa5c7975c0270bc8b036046f 109216 inetutils-ftpd_2.4-2+deb12u3_amd64.deb
 aa6c06739c19bb7f577cb4d21717ec5529b4217cb2d1ef0d17a7308769a07c9c 103132 inetutils-inetd-dbgsym_2.4-2+deb12u3_amd64.deb
 04cc9952d15ced6773f4b51d25ecb3415429cff28cfc0ca1a8372d3970e5724b 81820 inetutils-inetd_2.4-2+deb12u3_amd64.deb
 0355ed69192a8792c394c7ae25d380df3440edbe686cf1ade2ccddb958600a7e 194972 inetutils-ping-dbgsym_2.4-2+deb12u3_amd64.deb
 d657c3933ca5b14e814197de9e6a2bba518d86bb9d801f8479be2429a61f8167 86720 inetutils-ping_2.4-2+deb12u3_amd64.deb
 2bab9f8c261481e9c1366e8a6faa339f7b4ff04bf90f38b4e2f5ef83a509f743 110600 inetutils-syslogd-dbgsym_2.4-2+deb12u3_amd64.deb
 2086dd83b3ceb54bd667716726243f66af8eafacae50bf8e524c97db816c1f1d 85024 inetutils-syslogd_2.4-2+deb12u3_amd64.deb
 ebd8426e07b325f8c75b2d730ee0713d5f992df90d96eefde2643a49bde90e2c 84052 inetutils-talk-dbgsym_2.4-2+deb12u3_amd64.deb
 674a62b52abbe780463ba976364da1c90450e612f21f45f1a8fb301b7b74a058 70324 inetutils-talk_2.4-2+deb12u3_amd64.deb
 3aaa58f00683b513c5517ac9a0527b5878eab58407b49f4ae0466a2bfc5605e2 99924 inetutils-talkd-dbgsym_2.4-2+deb12u3_amd64.deb
 9af47367e17e3e073ff95c025bbd24807888799535e61b61a7b07b8b5def592c 72928 inetutils-talkd_2.4-2+deb12u3_amd64.deb
 ca46f6a12d95d4138659e24080f312f9fe110f0de132d7492b0ab5e19e61f0d4 201136 inetutils-telnet-dbgsym_2.4-2+deb12u3_amd64.deb
 571b2b17efdcfe058658444dad07fedd884632f21f2d0ccb98991c743c596bdd 120880 inetutils-telnet_2.4-2+deb12u3_amd64.deb
 6cc222861c46dfc46c6135a7ca62a09fc03c233d52a821243378715fb762907e 180976 inetutils-telnetd-dbgsym_2.4-2+deb12u3_amd64.deb
 89e46331115527efe25f127ee8a44b3c22b7cf33ca7f64800c789959ab9e5b00 108556 inetutils-telnetd_2.4-2+deb12u3_amd64.deb
 7a75555134dca6d6bf7b7bbdd6b6318c3295aabf36891642c8544ff8343ae2f7 345736 inetutils-tools-dbgsym_2.4-2+deb12u3_amd64.deb
 2580cb754fb985b8adadf2dc3075fceb776ba4a1ca0e7b496cb63fee7756c591 101560 inetutils-tools_2.4-2+deb12u3_amd64.deb
 2d1639603d3dabd15e7262816e0abfbb8dab020245b610d1a280eefe5969ee26 84904 inetutils-traceroute-dbgsym_2.4-2+deb12u3_amd64.deb
 3327f9aee212356b04e9f8c8b43f9fe0355ffa4de2e06078d7ae46b12ad9d3ef 67976 inetutils-traceroute_2.4-2+deb12u3_amd64.deb
 beef2c997b90416f11b3982aa9ea6433808e5ad91163d4e68ff9ff3efb6b47fe 13156 inetutils_2.4-2+deb12u3_amd64-buildd.buildinfo
Files:
 21c9c87dbac84173222d56a4b13f4049 151964 debug optional inetutils-ftp-dbgsym_2.4-2+deb12u3_amd64.deb
 19762afa3463b55a4f7de9c92a90bcc7 106540 net optional inetutils-ftp_2.4-2+deb12u3_amd64.deb
 f2779fca40302a5c9a695d6fb6316d15 186248 debug optional inetutils-ftpd-dbgsym_2.4-2+deb12u3_amd64.deb
 a0a3a32197a9696a4958eeeb6b21f7a4 109216 net optional inetutils-ftpd_2.4-2+deb12u3_amd64.deb
 56450120fe0f607b859543ae9c4c9446 103132 debug optional inetutils-inetd-dbgsym_2.4-2+deb12u3_amd64.deb
 8f68be578291301ea011701247152d2f 81820 net optional inetutils-inetd_2.4-2+deb12u3_amd64.deb
 cef138f565abae4ed20785cd87de6a09 194972 debug optional inetutils-ping-dbgsym_2.4-2+deb12u3_amd64.deb
 7383ac07b2788d79465846384ac4dbac 86720 net optional inetutils-ping_2.4-2+deb12u3_amd64.deb
 4e26de68013eff0268efdfb16337b1ee 110600 debug optional inetutils-syslogd-dbgsym_2.4-2+deb12u3_amd64.deb
 82cbf676082bbf1a324f18c7c677d3b6 85024 net optional inetutils-syslogd_2.4-2+deb12u3_amd64.deb
 838303197ec3c48bc808ae4d70262a10 84052 debug optional inetutils-talk-dbgsym_2.4-2+deb12u3_amd64.deb
 fb1bdf2c1f1e3c19fb58880218b02b1e 70324 net optional inetutils-talk_2.4-2+deb12u3_amd64.deb
 1eb8abd9adc5ee9f7f10265820042f14 99924 debug optional inetutils-talkd-dbgsym_2.4-2+deb12u3_amd64.deb
 4460084cb13c35ed216c92d8e96352f4 72928 net optional inetutils-talkd_2.4-2+deb12u3_amd64.deb
 03999f18bb9f60bc757eb693d7fdc77a 201136 debug optional inetutils-telnet-dbgsym_2.4-2+deb12u3_amd64.deb
 819155585f50d974946929a00b4e0009 120880 net standard inetutils-telnet_2.4-2+deb12u3_amd64.deb
 0a17a87bfacbb2e4304846160de42b84 180976 debug optional inetutils-telnetd-dbgsym_2.4-2+deb12u3_amd64.deb
 e1656c193dbeec57fa933ec28e740baa 108556 net optional inetutils-telnetd_2.4-2+deb12u3_amd64.deb
 4dc109b0055009753451d1ae27e85011 345736 debug optional inetutils-tools-dbgsym_2.4-2+deb12u3_amd64.deb
 145165232c1ee27d66d7937c8440ce9f 101560 net optional inetutils-tools_2.4-2+deb12u3_amd64.deb
 01375f790212dac4876e1b846b4deb8a 84904 debug optional inetutils-traceroute-dbgsym_2.4-2+deb12u3_amd64.deb
 573aa74c84578f10289666033e2b336a 67976 net optional inetutils-traceroute_2.4-2+deb12u3_amd64.deb
 47b1c1a594a286fd5ae8242511de0606 13156 net optional inetutils_2.4-2+deb12u3_amd64-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7cQ9mRD4+dWjjrb6PkCWRKsh20cFAmnL29gACgkQPkCWRKsh
20fzqw/9EtyU+tcQwqSgUuyJqTf0dnSFGC7WNzWE7VzBYLXhZFur0oHvFPYwXi/a
ilM6yuIhhO4fop46mdHGbWdhDJmCVA4XnCpXcdNAU9ZOmPta409DugP5hyDUbrrF
yWW0JBkrNjCICRHqzlQ040Cn6ex1Mulqh1SMgmxJQvViPgAHAJkZQIRMgEtQdCm+
wxiOmkQbBulelE7UVevwhhHAYzXGwGptmHgNv7WGDARGewswkK7MYRE5JCa4GkUB
hx8ZB1NhTcxKLlAdE6yn8NqtrXcp4yr3WjLoOP8oG+/QdZiCHxrNu4NRdLFocwOq
R8owDagVZNqtFPbiKdfvD6TWjxn090rB/ZE9oHtYUEKV9MFl+ZX7cqB2t9X4zyhl
ihFVTRdNKBRfTHagonXDMLmpWnweCxK8+9NvMb8gzUSTUoruKdV9GPUTlRGatjGk
SwhB1hVp7tMsLiKye+4mpSsT58kSeBXljDA5Uj33SsDYvxuQmyAPG2ARmxR0bO39
vEdwo/0nE7TlrbeahfAtSjvjBIHM71fZG5CdHB5sXITlhCQZ9765bX9FW7UsOIpi
PF8EAf1sBqhCzNr/fLbX37igjMSL4gjf4bfrc74e4V7Ked+HTODh3RS1r5Al6/0c
UX18V2CdMfpwcJi64sRShCP6PXGhD0H8Dfjw8YRj7LnE6T3LTNs=
=eYE2
-----END PGP SIGNATURE-----