-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 30 Mar 2026 16:52:10 +0200
Source: inetutils
Binary: inetutils-ftp inetutils-ftp-dbgsym inetutils-ftpd inetutils-ftpd-dbgsym inetutils-inetd inetutils-inetd-dbgsym inetutils-ping inetutils-ping-dbgsym inetutils-syslogd inetutils-syslogd-dbgsym inetutils-talk inetutils-talk-dbgsym inetutils-talkd inetutils-talkd-dbgsym inetutils-telnet inetutils-telnet-dbgsym inetutils-telnetd inetutils-telnetd-dbgsym inetutils-tools inetutils-tools-dbgsym inetutils-traceroute inetutils-traceroute-dbgsym
Architecture: i386
Version: 2:2.4-2+deb12u3
Distribution: bookworm-security
Urgency: high
Maintainer: i386 Build Daemon (x86-grnet-01) <buildd_amd64-x86-grnet-01@buildd.debian.org>
Changed-By: Guillem Jover <guillem@debian.org>
Description:
 inetutils-ftp - File Transfer Protocol client
 inetutils-ftpd - File Transfer Protocol server
 inetutils-inetd - internet super server
 inetutils-ping - ICMP echo tool
 inetutils-syslogd - system logging daemon
 inetutils-talk - talk to another user
 inetutils-talkd - remote user communication server
 inetutils-telnet - telnet client
 inetutils-telnetd - telnet server
 inetutils-tools - base networking utilities (experimental package)
 inetutils-traceroute - trace the IPv4 route to another host
Closes: 1130741 1130742
Changes:
 inetutils (2:2.4-2+deb12u3) bookworm-security; urgency=high
 .
   * Add patch from upstream:
     - Prevent privilege escalation via telnetd abusing systemd service
       credentials support added to the login(1) implementation of util-linux in
       release 2.40. Reported by Ron Ben Yizhak <ron.benyizhak@safebreach.com>.
       Fixes CVE-2026-28372.
     - Ignore all environment options from clients unless the variable was
       listed in the new --accept-env telnetd option. This mitigates privilege
       escalation using environment variables.
       This is the complete fix for CVE-2026-24061, with its own CVE pending.
     - Fix stack buffer overflow processing SLC suboption triplets.
       Reported by Adiel Sol, Arad Inbar, Erez Cohen, Nir Somech, Ben Grinberg,
       Daniel Lubel at DREAM Security Research Team.
       Fixes CVE-2026-32746. (Closes: #1130742)
   * Add the hashcode-string1 module from forky/sid gnulib adapted to bookworm
     required by the --accept-env patch, and the gl_hash_set, gl_set, gl_xset
     and gl_anyhash bookworm gnulib modules required by hashcode-string1.
     Inject new gnulib modules in lib/Makefile.am.
   * Adapt netkit-telnet patch to not leak unexported environment variables to
     telnetd. Reported by Justin Swartz <justin.swartz@risingedge.co.za>.
     Fixes CVE-2026-32772. (Closes: #1130741)
   * Prevent user local privilege escalation using --debug, which was
     susceptible to symlink attacks, or leaking on-wire credentials to a
     user that had pre-created the file and kept it open. Fix by switching
     from /tmp/telnet.debug to /run/telnet/debug.<pid>, and making the
     setup error checks fatal.
     Partially reported by Justin Swartz <justin.swartz@risingedge.co.za>.
   * Update local telnetd man page to match new --debug behavior.
Checksums-Sha1:
 3d6fd8fe35f9bc8ba689d3fa90768551dc20a671 139456 inetutils-ftp-dbgsym_2.4-2+deb12u3_i386.deb
 3b565dc7b316a5d8cb6133eb0f04900cb09ca1c7 109920 inetutils-ftp_2.4-2+deb12u3_i386.deb
 60df09f34bf3298618c30e2d1c9c3551d31357d1 172560 inetutils-ftpd-dbgsym_2.4-2+deb12u3_i386.deb
 8dfdd754b7c7ea17a5d93f56c6bce1b9e837d85f 114548 inetutils-ftpd_2.4-2+deb12u3_i386.deb
 0355f4d50be5bbbf5c09ca303a60fc7af26c916f 94804 inetutils-inetd-dbgsym_2.4-2+deb12u3_i386.deb
 f6d73f06da70448603ec273d9067b11648bb2312 83380 inetutils-inetd_2.4-2+deb12u3_i386.deb
 23bd6ffc7dcc047ef74a35f8de93647701a81720 177344 inetutils-ping-dbgsym_2.4-2+deb12u3_i386.deb
 aaa2d4d1ecd184c4c0fc7ef1c18e2885ce707ef9 89628 inetutils-ping_2.4-2+deb12u3_i386.deb
 2b34e7ad6294458248fd075f16cf675275c2defe 101744 inetutils-syslogd-dbgsym_2.4-2+deb12u3_i386.deb
 212c94c4c2e187679e259d512fcf471bf477e0ea 87000 inetutils-syslogd_2.4-2+deb12u3_i386.deb
 300cbf7146f9753914d06fd8bc0bd3e204c02ae6 78152 inetutils-talk-dbgsym_2.4-2+deb12u3_i386.deb
 2f967173d34df308fbc30cae6c756896dc7ad84b 71284 inetutils-talk_2.4-2+deb12u3_i386.deb
 69a42580064239f3081bf7357ea31af1505fca5a 91660 inetutils-talkd-dbgsym_2.4-2+deb12u3_i386.deb
 391eab21ad242aacdb8355664b86079f52d34ac1 74548 inetutils-talkd_2.4-2+deb12u3_i386.deb
 f0755f041c22eef768fba41bd0afda523f2dbad5 180732 inetutils-telnet-dbgsym_2.4-2+deb12u3_i386.deb
 8544d979c13d16e2138723bf3e7ef8ae7c64695f 123336 inetutils-telnet_2.4-2+deb12u3_i386.deb
 2c2ed3d1079c2920cf7cb5f73765eca9b7d26833 162908 inetutils-telnetd-dbgsym_2.4-2+deb12u3_i386.deb
 5a0044c7734d21f429f531aecfbbc120c070385a 110720 inetutils-telnetd_2.4-2+deb12u3_i386.deb
 2deca82e22751f66a52d3f614208edd88c90b75b 309276 inetutils-tools-dbgsym_2.4-2+deb12u3_i386.deb
 f8fcbbff3de9e0734dcc09f5eb68e82c9ac96991 103440 inetutils-tools_2.4-2+deb12u3_i386.deb
 9edab2a6d1be4b5b4c32bc22390ffb827b19cc36 77464 inetutils-traceroute-dbgsym_2.4-2+deb12u3_i386.deb
 f7dc7843822a1ffdcd4572bae4158f72ce7a0d31 69088 inetutils-traceroute_2.4-2+deb12u3_i386.deb
 97af8180f8d774cdf073b1bddd461b8fdb9a40b8 13033 inetutils_2.4-2+deb12u3_i386-buildd.buildinfo
Checksums-Sha256:
 b1149eb55d3b775cc8478da8c84857ea6a59ae42afe2e8cbcdcf83ec2e9dc8fd 139456 inetutils-ftp-dbgsym_2.4-2+deb12u3_i386.deb
 af4f7319abc0293c916a7c70e4bd10849d1c5487db3e7c7ac49a893a05d6dd45 109920 inetutils-ftp_2.4-2+deb12u3_i386.deb
 2aeb7779ddf481448e2a95922f13d2e5df0d7212a8ca7770c333250c567e23e4 172560 inetutils-ftpd-dbgsym_2.4-2+deb12u3_i386.deb
 99a51f6fffbf8e640d02aac03c662e602d100b1b05d9a3726657edefc5d44566 114548 inetutils-ftpd_2.4-2+deb12u3_i386.deb
 679d4bf84c0f08daca2fc07c8261646f649cfe63163ae0876f1c28cecfb0908a 94804 inetutils-inetd-dbgsym_2.4-2+deb12u3_i386.deb
 6a1bb03c6ce582720f1340e30d687566dcf349e615ba95a83f12fa65b1024857 83380 inetutils-inetd_2.4-2+deb12u3_i386.deb
 da4b5d72861ba5d9d0ab5396a54aa1eeee918f6c90beb3f7419be6486107d94c 177344 inetutils-ping-dbgsym_2.4-2+deb12u3_i386.deb
 f62bfa991edf06ab64aa1ee3c6084c387f06ca5bc17597239a27239d90741ad5 89628 inetutils-ping_2.4-2+deb12u3_i386.deb
 1f896b1593752f1d7f3b4b400ce1424b6e6b5592d84418405bef0b3d8019f8ed 101744 inetutils-syslogd-dbgsym_2.4-2+deb12u3_i386.deb
 2387b0589a0ddffc4ad79f56db9429bbbc75f8bcf97baead792d01296ab3c30a 87000 inetutils-syslogd_2.4-2+deb12u3_i386.deb
 229240a987dbed34fec830b664bfbe6d27575426decfe9b0af70389ba90d9ada 78152 inetutils-talk-dbgsym_2.4-2+deb12u3_i386.deb
 834d4dfeebb693612b90de14523b14795c7943d57c980c5a5d3ee26ccbd6fe38 71284 inetutils-talk_2.4-2+deb12u3_i386.deb
 90bd223c7778524f1e0f02a1fab221966c57205cae4873094d08b39fe21ee93e 91660 inetutils-talkd-dbgsym_2.4-2+deb12u3_i386.deb
 6684029c0ab49180af91458af81efc11460030a7a8c5320715e3426fedfceac0 74548 inetutils-talkd_2.4-2+deb12u3_i386.deb
 b0d2893a212d0ebbe7ffa39efd6f1f6c63879728a1f422b55788746b7ca7e814 180732 inetutils-telnet-dbgsym_2.4-2+deb12u3_i386.deb
 0cad2e8639ed5f05f48dd8ecbef71c9906eab51606fed1c712eb6896cac97e1c 123336 inetutils-telnet_2.4-2+deb12u3_i386.deb
 d16418950fa2e67afd2a5086e3b4095d0f1b74cd8e7e044f06e75e6178ffc2d7 162908 inetutils-telnetd-dbgsym_2.4-2+deb12u3_i386.deb
 d26be03e5178643b4ba48549d49813afd0d4906593500d38a4e92c0b6df0dd5e 110720 inetutils-telnetd_2.4-2+deb12u3_i386.deb
 ff0196e8d76c0d8bf661eb84f79fad818486f48e7d7310c26c8facffa704e256 309276 inetutils-tools-dbgsym_2.4-2+deb12u3_i386.deb
 f26848c0fe432a68d159d1a6418ea0c1be99e2373690c8e2a57f68e11d0867a9 103440 inetutils-tools_2.4-2+deb12u3_i386.deb
 06409f434a560f99703ffcaa2d0f491e2e37e33de7dca0f22ba1f0bcb2bf34af 77464 inetutils-traceroute-dbgsym_2.4-2+deb12u3_i386.deb
 e0681ea24ac69c0df5e34a3b76e7a3e290bba41af3ae0d2cb278cc68f8760750 69088 inetutils-traceroute_2.4-2+deb12u3_i386.deb
 8637471fd4de3d805c1cbee6d7833fee42dfb900883b51dd5040ec6c1029c4d2 13033 inetutils_2.4-2+deb12u3_i386-buildd.buildinfo
Files:
 f15ffd3d4366028b56f49112417be19d 139456 debug optional inetutils-ftp-dbgsym_2.4-2+deb12u3_i386.deb
 1531e9747bddab90d2374b6f18d25aca 109920 net optional inetutils-ftp_2.4-2+deb12u3_i386.deb
 6e77c9e058b269cf888ebaad4cc83fbf 172560 debug optional inetutils-ftpd-dbgsym_2.4-2+deb12u3_i386.deb
 e338d9f304763e92a00c063c1ea1f9a2 114548 net optional inetutils-ftpd_2.4-2+deb12u3_i386.deb
 b076fa98a8f5b092805c82d1ef730542 94804 debug optional inetutils-inetd-dbgsym_2.4-2+deb12u3_i386.deb
 500f542d908160f8ae7e3be17605c007 83380 net optional inetutils-inetd_2.4-2+deb12u3_i386.deb
 f94df1da29cdf9b746b1f4c368469c9f 177344 debug optional inetutils-ping-dbgsym_2.4-2+deb12u3_i386.deb
 fb577b6ad1876922af07edc1adb8b98a 89628 net optional inetutils-ping_2.4-2+deb12u3_i386.deb
 6b6e744e68e41c90b5224260ca7c7cfe 101744 debug optional inetutils-syslogd-dbgsym_2.4-2+deb12u3_i386.deb
 c5205015aaf0deeba93eb92c65a2cd2a 87000 net optional inetutils-syslogd_2.4-2+deb12u3_i386.deb
 c59f35c8269ee425e1b4776bc4e58f08 78152 debug optional inetutils-talk-dbgsym_2.4-2+deb12u3_i386.deb
 8897eddb9214686a5055e7c1e27ceffe 71284 net optional inetutils-talk_2.4-2+deb12u3_i386.deb
 802b3feaf61bf7a1f1a1f8f58056d8e0 91660 debug optional inetutils-talkd-dbgsym_2.4-2+deb12u3_i386.deb
 90bf48753990aad1fed03d15e8e4edb8 74548 net optional inetutils-talkd_2.4-2+deb12u3_i386.deb
 bf5012e0b3dd99cabb2fd2a1a0977ee9 180732 debug optional inetutils-telnet-dbgsym_2.4-2+deb12u3_i386.deb
 acd42117632f8f30548ae08c617f83a8 123336 net standard inetutils-telnet_2.4-2+deb12u3_i386.deb
 18cf288f66e77bb6e82cc682de3f3d84 162908 debug optional inetutils-telnetd-dbgsym_2.4-2+deb12u3_i386.deb
 4ba4013635ad772afa22bbf3d807dff6 110720 net optional inetutils-telnetd_2.4-2+deb12u3_i386.deb
 347d920d1fc5fbd321582f02297793bd 309276 debug optional inetutils-tools-dbgsym_2.4-2+deb12u3_i386.deb
 b943147f4039df1709025ce30fda48fe 103440 net optional inetutils-tools_2.4-2+deb12u3_i386.deb
 636c1528a93ee1b5e6ae09095ed1e442 77464 debug optional inetutils-traceroute-dbgsym_2.4-2+deb12u3_i386.deb
 548d117c0208115d2f1e1eee79363123 69088 net optional inetutils-traceroute_2.4-2+deb12u3_i386.deb
 e6849dc72132c74c6db90954637d1a94 13033 net optional inetutils_2.4-2+deb12u3_i386-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEPAUaMA0H0rOy6qBWf2INRiCdaWIFAmnL2/MACgkQf2INRiCd
aWJl4w//fE3nxII/rPYPrRrv2jCVLmKfonc4Xl3+m2lYT5LB2nKw4q9L0q+wxR8c
69jV0e6a1cgSuLr57envsjOaJk93Ohk448iM6C3p8imtsMokI3Em9rQXfNgmaMCt
4C3ZtTDU3VmUWrCLKXgdCLZuOhaKlIia9qqF/6uUKcE2Dnn03VDRCIlNEFt9wGgz
ivzpo1s9sHo4RnmYi1BRKZ+nIAks1vlc3nCesIHZa5x0BHMIQCGIvS42V9qeh5vN
p2TKSR1EQ3vUHSZcqNDJ9jNuYGxu6heUS6UDbFDMGpouNug6DcJakOv/tHwSYlQq
fL1quVzlzMU7GxZeMO33cCx5HvjiemEeAbuJvKNebPluXhh5DvBdhnKef1m+s0lG
EvCMw+UkeXoHBOY+IqZnVDdHGMAYESF39qKeAoSO3CvGbj2QgrWoR9qzDmy3GyGt
SCtn1vpmFGXuL/0Dy6ZEQfigKAKxEvgMYzNCAfkB6seQLFPbkCweaBqBM3otwyIR
dhSrMM0mMbdkNUjtzusAsfDAdQlqHzq4jaN8G0NRzQrCZqeKBxmL+NDHVuzLfmyj
U4tQtv3yFZr3b4xlrEDktzDwqN4MHLyVGOm4jXAvK31TFpwELSN4AxSUHAFgM7Zr
fCSBKi8vp+bhgWmHLpuLb0onrVXtQ2xo/LXoWWKrfZuj0R1MKEE=
=D/i+
-----END PGP SIGNATURE-----