-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 30 Mar 2026 16:52:10 +0200
Source: inetutils
Binary: inetutils-ftp inetutils-ftp-dbgsym inetutils-ftpd inetutils-ftpd-dbgsym inetutils-inetd inetutils-inetd-dbgsym inetutils-ping inetutils-ping-dbgsym inetutils-syslogd inetutils-syslogd-dbgsym inetutils-talk inetutils-talk-dbgsym inetutils-talkd inetutils-talkd-dbgsym inetutils-telnet inetutils-telnet-dbgsym inetutils-telnetd inetutils-telnetd-dbgsym inetutils-tools inetutils-tools-dbgsym inetutils-traceroute inetutils-traceroute-dbgsym
Architecture: s390x
Version: 2:2.4-2+deb12u3
Distribution: bookworm-security
Urgency: high
Maintainer: s390x Build Daemon (ziehrer) <buildd_s390x-ziehrer@buildd.debian.org>
Changed-By: Guillem Jover <guillem@debian.org>
Description:
 inetutils-ftp - File Transfer Protocol client
 inetutils-ftpd - File Transfer Protocol server
 inetutils-inetd - internet super server
 inetutils-ping - ICMP echo tool
 inetutils-syslogd - system logging daemon
 inetutils-talk - talk to another user
 inetutils-talkd - remote user communication server
 inetutils-telnet - telnet client
 inetutils-telnetd - telnet server
 inetutils-tools - base networking utilities (experimental package)
 inetutils-traceroute - trace the IPv4 route to another host
Closes: 1130741 1130742
Changes:
 inetutils (2:2.4-2+deb12u3) bookworm-security; urgency=high
 .
   * Add patch from upstream:
     - Prevent privilege escalation via telnetd abusing systemd service
       credentials support added to the login(1) implementation of util-linux in
       release 2.40. Reported by Ron Ben Yizhak <ron.benyizhak@safebreach.com>.
       Fixes CVE-2026-28372.
     - Ignore all environment options from clients unless the variable was
       listed in the new --accept-env telnetd option. This mitigates privilege
       escalation using environment variables.
       This is the complete fix for CVE-2026-24061, with its own CVE pending.
     - Fix stack buffer overflow processing SLC suboption triplets.
       Reported by Adiel Sol, Arad Inbar, Erez Cohen, Nir Somech, Ben Grinberg,
       Daniel Lubel at DREAM Security Research Team.
       Fixes CVE-2026-32746. (Closes: #1130742)
   * Add the hashcode-string1 module from forky/sid gnulib adapted to bookworm
     required by the --accept-env patch, and the gl_hash_set, gl_set, gl_xset
     and gl_anyhash bookworm gnulib modules required by hashcode-string1.
     Inject new gnulib modules in lib/Makefile.am.
   * Adapt netkit-telnet patch to not leak unexported environment variables to
     telnetd. Reported by Justin Swartz <justin.swartz@risingedge.co.za>.
     Fixes CVE-2026-32772. (Closes: #1130741)
   * Prevent user local privilege escalation using --debug, which was
     susceptible to symlink attacks, or leaking on-wire credentials to a
     user that had pre-created the file and kept it open. Fix by switching
     from /tmp/telnet.debug to /run/telnet/debug.<pid>, and making the
     setup error checks fatal.
     Partially reported by Justin Swartz <justin.swartz@risingedge.co.za>.
   * Update local telnetd man page to match new --debug behavior.
Checksums-Sha1:
 7efa44a41c8f0043ff8f023a6ba2ef5bd912819f 149380 inetutils-ftp-dbgsym_2.4-2+deb12u3_s390x.deb
 eec5c51cd2625921e9057680f6ccc82e5fcf5966 102540 inetutils-ftp_2.4-2+deb12u3_s390x.deb
 5968358fc5a29c4e60af3aab3360a43d3aa18045 183076 inetutils-ftpd-dbgsym_2.4-2+deb12u3_s390x.deb
 6d8753bf4e1b6a8f51046bf314da951371d9f738 103844 inetutils-ftpd_2.4-2+deb12u3_s390x.deb
 edadade6a05309729d8ce5354db24aebca61e75f 101396 inetutils-inetd-dbgsym_2.4-2+deb12u3_s390x.deb
 04a58e92e51a7c9033726c632ce2681b644b9be6 78668 inetutils-inetd_2.4-2+deb12u3_s390x.deb
 246a42bd25fd268a3bd230832f49427233bc0a1d 176548 inetutils-ping-dbgsym_2.4-2+deb12u3_s390x.deb
 a19f2dadb968b2f47cc417c3ee90f432d4264733 83844 inetutils-ping_2.4-2+deb12u3_s390x.deb
 78f18cfafae55d77f4842b621ebbd69078787ca5 108584 inetutils-syslogd-dbgsym_2.4-2+deb12u3_s390x.deb
 6296fc7eac632ccf476c6b76481cd5507bc80464 81808 inetutils-syslogd_2.4-2+deb12u3_s390x.deb
 34c3f9bfbd96cf50956bb810bf1ae90be69c2f9a 82536 inetutils-talk-dbgsym_2.4-2+deb12u3_s390x.deb
 6e9fb168bed9062c2e1d204cb298f29e994fc36c 67908 inetutils-talk_2.4-2+deb12u3_s390x.deb
 02044d3e04ac77a1b38ee00491aacc2ba091139e 98564 inetutils-talkd-dbgsym_2.4-2+deb12u3_s390x.deb
 af6c17a334c51c963065d7555d2b7a06d1fd5f0a 70624 inetutils-talkd_2.4-2+deb12u3_s390x.deb
 88a63f00ed5d589428b29c9253cab0e42518fdc7 198520 inetutils-telnet-dbgsym_2.4-2+deb12u3_s390x.deb
 047991ee6441d1164d043a34721a65311fd2c2e4 115636 inetutils-telnet_2.4-2+deb12u3_s390x.deb
 8e0e72a915e4655d04e0e20798c77ede657dfe9f 177720 inetutils-telnetd-dbgsym_2.4-2+deb12u3_s390x.deb
 34346c4f4810a1fe1094eab83827f1b6895cd87c 103100 inetutils-telnetd_2.4-2+deb12u3_s390x.deb
 7dd573abe723ce767779227e89ccfd8ba7d6ec5b 317408 inetutils-tools-dbgsym_2.4-2+deb12u3_s390x.deb
 7138973aaebf5068317991aaa5a44ba12e58cc08 97012 inetutils-tools_2.4-2+deb12u3_s390x.deb
 39931f7adcf31302701e3f6683eaca0ca432147a 83176 inetutils-traceroute-dbgsym_2.4-2+deb12u3_s390x.deb
 70161e0a1843a340be4273a5428abae59e8ed216 65904 inetutils-traceroute_2.4-2+deb12u3_s390x.deb
 13eaa0bf513678e410cac8338e61c1b5f4134cff 13040 inetutils_2.4-2+deb12u3_s390x-buildd.buildinfo
Checksums-Sha256:
 410852e9d9fdadab63c56ff1d29ed8aa5aea95b6e1ff58c2e701ff1be453948e 149380 inetutils-ftp-dbgsym_2.4-2+deb12u3_s390x.deb
 35a35d7cb67a4a7a2f48822f2fd3700b443232c209d743da814934410453e213 102540 inetutils-ftp_2.4-2+deb12u3_s390x.deb
 d1ce0b6cd7ce0de6e51ca17662616d8db4224cd28f8f981122612ce8d009161b 183076 inetutils-ftpd-dbgsym_2.4-2+deb12u3_s390x.deb
 c66d19e7503677c6c16eb05a369c9ef2e663561a7237bf4cbc8976be2cb7cd82 103844 inetutils-ftpd_2.4-2+deb12u3_s390x.deb
 cfaf0a7bd520bdc486567d3527fd4a3902828606bf075d398379fd9cd5c15b5c 101396 inetutils-inetd-dbgsym_2.4-2+deb12u3_s390x.deb
 f9544ecad36ae2de589e223abda84327f1babce8d545eba6b861867044548a22 78668 inetutils-inetd_2.4-2+deb12u3_s390x.deb
 59b48ae2e00ae33a592fb803c8a3e20714fcc746676c6e4857b6bb9ca3d42ba4 176548 inetutils-ping-dbgsym_2.4-2+deb12u3_s390x.deb
 0c74fe26b1041555c8ba08f82a091a3c07492099c5119539cbd6a21ddc863370 83844 inetutils-ping_2.4-2+deb12u3_s390x.deb
 05ee53c52ea0afd836ff2b0d29e926860c2a01435c31fa0f08323800ba0614bc 108584 inetutils-syslogd-dbgsym_2.4-2+deb12u3_s390x.deb
 4a03468918bb4de62f46d36c8093db37e7363ed76c68a1135139cf2e6266c703 81808 inetutils-syslogd_2.4-2+deb12u3_s390x.deb
 12c1f2831548635243ea1a01d4586ab17bb3cafa7903dae0cb0a6312113392ca 82536 inetutils-talk-dbgsym_2.4-2+deb12u3_s390x.deb
 d1fa26c9644c72f597ecc7516fb4245ebb95625210712278c7ec8ef8335a8c57 67908 inetutils-talk_2.4-2+deb12u3_s390x.deb
 62bb13c745e8b482ab2860a5b66f657ef2cf2c755cf3314cc923cbb33e4bca9e 98564 inetutils-talkd-dbgsym_2.4-2+deb12u3_s390x.deb
 bf56c5160565d95ddfbd24c5df7553e83b6bef512c177258067614e62e32de8e 70624 inetutils-talkd_2.4-2+deb12u3_s390x.deb
 ebee56ea06ba2c3ce921f1414b1ddb9b37da23e58c33689dc7c55fb6780b7e3b 198520 inetutils-telnet-dbgsym_2.4-2+deb12u3_s390x.deb
 b3cf90d56abf2b21734ea23e05113e7197ffb1686bc8ee1d8525c5bb73564fb3 115636 inetutils-telnet_2.4-2+deb12u3_s390x.deb
 276d34dd570ff43e242ac05e086e536a705dabcf140eaf151448ad678130152d 177720 inetutils-telnetd-dbgsym_2.4-2+deb12u3_s390x.deb
 c32a00d7dbe0d315ce8959d3552e7bf8a83de7ac00c3deb387d79a7d52e42e68 103100 inetutils-telnetd_2.4-2+deb12u3_s390x.deb
 ccd7f485f2873b258c8f0006d574b86509dcc27c847673142bfce96a4df4e6f4 317408 inetutils-tools-dbgsym_2.4-2+deb12u3_s390x.deb
 62dcda248235b0aa0ef47079e4e40ec46b5c974e975406f0cf7d648f568d722c 97012 inetutils-tools_2.4-2+deb12u3_s390x.deb
 fca1e8c3880b06c1b7d2d2e6253143a3779d7dcec988f4a3e9c423fb45c64023 83176 inetutils-traceroute-dbgsym_2.4-2+deb12u3_s390x.deb
 26b5a36e6ad0f4664a5448d9d972685a9d0cd913cedc53fe0492eff3154a015d 65904 inetutils-traceroute_2.4-2+deb12u3_s390x.deb
 734aecb82b3220aae417aba12e42f1c8f30da3df1c2e2fe5e095f6b9be729800 13040 inetutils_2.4-2+deb12u3_s390x-buildd.buildinfo
Files:
 c1613a42a22a9cc3151d6d8282ef3e95 149380 debug optional inetutils-ftp-dbgsym_2.4-2+deb12u3_s390x.deb
 7fe848fa38a818d6f08f729c456ff726 102540 net optional inetutils-ftp_2.4-2+deb12u3_s390x.deb
 e7ed2b2b9c193d342d49ed0599cdb110 183076 debug optional inetutils-ftpd-dbgsym_2.4-2+deb12u3_s390x.deb
 f7ab43ed8716673b37d838647e21a475 103844 net optional inetutils-ftpd_2.4-2+deb12u3_s390x.deb
 6ba5a7a65222695a77c442f5f32019e0 101396 debug optional inetutils-inetd-dbgsym_2.4-2+deb12u3_s390x.deb
 21bdfcf24c5a39789331b1b1d163d019 78668 net optional inetutils-inetd_2.4-2+deb12u3_s390x.deb
 0f8f9375bfbcbd029ae8f1aadd847adf 176548 debug optional inetutils-ping-dbgsym_2.4-2+deb12u3_s390x.deb
 7a035f0e57ffcee2489baddb2738e376 83844 net optional inetutils-ping_2.4-2+deb12u3_s390x.deb
 cd4adacad099df7af35ca0ada208bf09 108584 debug optional inetutils-syslogd-dbgsym_2.4-2+deb12u3_s390x.deb
 527842929d98e7a9500eab6e99541744 81808 net optional inetutils-syslogd_2.4-2+deb12u3_s390x.deb
 12d3f4a05bab00c5d42cb28d69288d0f 82536 debug optional inetutils-talk-dbgsym_2.4-2+deb12u3_s390x.deb
 c4ca430875a64e7fb97d74a64ed88fe5 67908 net optional inetutils-talk_2.4-2+deb12u3_s390x.deb
 d3f80e161357bd0bb2fe8436767db1ab 98564 debug optional inetutils-talkd-dbgsym_2.4-2+deb12u3_s390x.deb
 b8b7c10dcf89c05325f8037f4adb91b8 70624 net optional inetutils-talkd_2.4-2+deb12u3_s390x.deb
 de2fc315ba79a3cc3828c87c437085f0 198520 debug optional inetutils-telnet-dbgsym_2.4-2+deb12u3_s390x.deb
 aea1f7b89ecb881fbc7d655a7f6fb81b 115636 net standard inetutils-telnet_2.4-2+deb12u3_s390x.deb
 4d0181208a23b4e04469a554c033dfde 177720 debug optional inetutils-telnetd-dbgsym_2.4-2+deb12u3_s390x.deb
 1a13a398d3c43867959116a89efa974d 103100 net optional inetutils-telnetd_2.4-2+deb12u3_s390x.deb
 40f8579dafa66a72061dbaed2833045c 317408 debug optional inetutils-tools-dbgsym_2.4-2+deb12u3_s390x.deb
 c784177a3591ec3563f06eabbc4a11b1 97012 net optional inetutils-tools_2.4-2+deb12u3_s390x.deb
 38db799c0fd0fe32c7b89568ac618b42 83176 debug optional inetutils-traceroute-dbgsym_2.4-2+deb12u3_s390x.deb
 04ac30db2b23a71ea194774cb91c1d53 65904 net optional inetutils-traceroute_2.4-2+deb12u3_s390x.deb
 1a1619e5d6d88e44eecfe8c603011775 13040 net optional inetutils_2.4-2+deb12u3_s390x-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEl0BM/nR+Oj597wRWMWUFebkHnoQFAmnL26kACgkQMWUFebkH
noRnSBAAk7jk/IgZxbZP7eXCcgPxY4DKaV/VLN9toDIA+YEs3cUgVN0kB+QehfmZ
8PjBE+jfgA/UkYQb0IyOfcWG4xzhC2Rl6gMnw/d6gL2H2KYHgC4LeB/LPNADmWKc
KgrL7uaY7t3mG1WDTMwpPPqtrPtGmrHA2H2WK68t1HvLsXmyu5pUvdWzTjxbOmh1
PP1BApj18qAS1Qwm54aQRutW5u9/Z/Z/0b72yFV5lDXSLaQ+xpRrUhDII+erJpe9
NL2KaShQw/Etzs765FirsPw3YBFKuWZLdFc+l+GRaBQ8SdmR2zTb2BituTjSP4zo
PaVxodLDbGf7crv8UVnZa2fOI8w/IuHwb0kYgrevYAXtp1Ze36FZfoj/76ZpBeuS
rQQLxLkv4uECY5DrOSyzzKRPGmN1rZFejSIdefxy6XlIxnt0MZoaBQKJAOYrP1yR
sslUeZKgEjFAlWvJcpiG2gPqnqdh2f/U6/J5ZxvSDpdOvzTvRKlRrykG99NpCdGW
hFoJe3cbfEBuNPzBcGVd+D3m9b7idL5v/DMkKFWtA3S+4Y+NC2CEMI4l9D5atEyx
Dh1QqDq5YwHLGXmmwTs7X4ZLYFWzIYuqGN4jw4le+17l52Jpep1nJmbRenW5612j
S6SyPcYemS83mNlqSN8MLCeL7GC9W5FaYIEnHM5/VN6F0KgZrBc=
=PB7N
-----END PGP SIGNATURE-----