-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 30 Mar 2026 16:52:10 +0200
Source: inetutils
Binary: inetutils-ftp inetutils-ftp-dbgsym inetutils-ftpd inetutils-ftpd-dbgsym
 inetutils-inetd inetutils-inetd-dbgsym inetutils-ping inetutils-ping-dbgsym
 inetutils-syslogd inetutils-syslogd-dbgsym inetutils-talk inetutils-talk-dbgsym
 inetutils-talkd inetutils-talkd-dbgsym inetutils-telnet inetutils-telnet-dbgsym
 inetutils-telnetd inetutils-telnetd-dbgsym inetutils-tools inetutils-tools-dbgsym
 inetutils-traceroute inetutils-traceroute-dbgsym
Architecture: ppc64el
Version: 2:2.4-2+deb12u3
Distribution: bookworm-security
Urgency: high
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02)
Changed-By: Guillem Jover
Description:
 inetutils-ftp - File Transfer Protocol client
 inetutils-ftpd - File Transfer Protocol server
 inetutils-inetd - internet super server
 inetutils-ping - ICMP echo tool
 inetutils-syslogd - system logging daemon
 inetutils-talk - talk to another user
 inetutils-talkd - remote user communication server
 inetutils-telnet - telnet client
 inetutils-telnetd - telnet server
 inetutils-tools - base networking utilities (experimental package)
 inetutils-traceroute - trace the IPv4 route to another host
Closes: 1130741 1130742
Changes:
 inetutils (2:2.4-2+deb12u3) bookworm-security; urgency=high
 .
   * Add patch from upstream:
     - Prevent privilege escalation via telnetd abusing systemd service
       credentials support added to the login(1) implementation of
       util-linux in release 2.40.
       Reported by Ron Ben Yizhak.
       Fixes CVE-2026-28372.
     - Ignore all environment options from clients unless the variable was
       listed in the new --accept-env telnetd option. This mitigates
       privilege escalation using environment variables. This is the
       complete fix for CVE-2026-24061, with its own CVE pending.
     - Fix stack buffer overflow processing SLC suboption triplets.
       Reported by Adiel Sol, Arad Inbar, Erez Cohen, Nir Somech,
       Ben Grinberg, Daniel Lubel at DREAM Security Research Team.
       Fixes CVE-2026-32746. (Closes: #1130742)
   * Add the hashcode-string1 module from forky/sid gnulib adapted to
     bookworm required by the --accept-env patch, and the gl_hash_set,
     gl_set, gl_xset and gl_anyhash bookworm gnulib modules required by
     hashcode-string1. Inject new gnulib modules in lib/Makefile.am.
   * Adapt netkit-telnet patch to not leak unexported environment variables
     to telnetd.
     Reported by Justin Swartz.
     Fixes CVE-2026-32772. (Closes: #1130741)
   * Prevent user local privilege escalation using --debug, which was
     susceptible to symlink attacks, or leaking on-wire credentials to a
     user that had pre-created the file and kept it open. Fix by switching
     from /tmp/telnet.debug to /run/telnet/debug., and making the setup
     error checks fatal.
     Partially reported by Justin Swartz.
   * Update local telnetd man page to match new --debug behavior.

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----