-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 30 Mar 2026 16:44:03 +0200 Source: inetutils Binary: inetutils-ftp inetutils-ftp-dbgsym inetutils-ftpd inetutils-ftpd-dbgsym inetutils-inetd inetutils-inetd-dbgsym inetutils-ping inetutils-ping-dbgsym inetutils-syslogd inetutils-syslogd-dbgsym inetutils-talk inetutils-talk-dbgsym inetutils-talkd inetutils-talkd-dbgsym inetutils-telnet inetutils-telnet-dbgsym inetutils-telnetd inetutils-telnetd-dbgsym inetutils-tools inetutils-tools-dbgsym inetutils-traceroute inetutils-traceroute-dbgsym Architecture: i386 Version: 2:2.6-3+deb13u3 Distribution: trixie-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Guillem Jover Description: inetutils-ftp - File Transfer Protocol client inetutils-ftpd - File Transfer Protocol server inetutils-inetd - internet super server inetutils-ping - ICMP echo tool inetutils-syslogd - system logging daemon inetutils-talk - talk to another user inetutils-talkd - remote user communication server inetutils-telnet - telnet client inetutils-telnetd - telnet server inetutils-tools - base networking utilities (experimental package) inetutils-traceroute - trace the IPv4 route to another host Closes: 1130741 1130742 Changes: inetutils (2:2.6-3+deb13u3) trixie-security; urgency=high . * Add patches from upstream: - Ignore all environment options from clients unless the variable was listed in the new --accept-env telnetd option. This mitigates privilege escalation using environment variables. This is the complete fix for CVE-2026-24061, with its own CVE pending. - Fix stack buffer overflow processing SLC suboption triplets. Reported by Adiel Sol, Arad Inbar, Erez Cohen, Nir Somech, Ben Grinberg, Daniel Lubel at DREAM Security Research Team. Fixes CVE-2026-32746. (Closes: #1130742) * Add the hashcode-string1 module from forky/sid gnulib, required by the --accept-env patch. * Adapt netkit-telnet patch to not leak unexported environment variables to telnetd. Reported by Justin Swartz . Fixes CVE-2026-32772. (Closes: #1130741) * Prevent user local privilege escalation using --debug, which was susceptible to symlink attacks, or leaking on-wire credentials to a user that had pre-created the file and kept it open. Fix by switching from /tmp/telnet.debug to /run/telnet/debug., and making the setup error checks fatal. Partially reported by Justin Swartz . * Update local telnetd man page to match new --debug behavior. Checksums-Sha1: 2f396a63fb5d486fc16e2e7d9edb89ff251f7c43 148736 inetutils-ftp-dbgsym_2.6-3+deb13u3_i386.deb 08169efd2351f2f6584136f0972361c6afdf8a11 113320 inetutils-ftp_2.6-3+deb13u3_i386.deb 540f511b28dff5c6991becfe7f822d1afd37ad6d 179216 inetutils-ftpd-dbgsym_2.6-3+deb13u3_i386.deb ade3f0eb910288c580578688d950d6d5f6585c00 117704 inetutils-ftpd_2.6-3+deb13u3_i386.deb d853db9a556827cf08acd16da2ca6185f8b2f110 97840 inetutils-inetd-dbgsym_2.6-3+deb13u3_i386.deb 7bca6d3ee792d379766afb7483f92d83db7c9a63 87268 inetutils-inetd_2.6-3+deb13u3_i386.deb cccb97d6c8c04b94a90325a2af998772ab1d0536 185968 inetutils-ping-dbgsym_2.6-3+deb13u3_i386.deb 875e109a35c227038301c405c6be215352c8dfde 91908 inetutils-ping_2.6-3+deb13u3_i386.deb d509beacc862e73f0292348cedbd52b1fcd7fc8a 115392 inetutils-syslogd-dbgsym_2.6-3+deb13u3_i386.deb 0d4c3188d779a47ef942ef8a40788b3ef9c193ce 94608 inetutils-syslogd_2.6-3+deb13u3_i386.deb c1ce75847e672a37caa8cc97a4dd9c69fbe0d1e8 79468 inetutils-talk-dbgsym_2.6-3+deb13u3_i386.deb fcd49e9ed6c648c5ee414299c104222daa85589b 74056 inetutils-talk_2.6-3+deb13u3_i386.deb 5efc8c6e52698a17f81c4860e96dd0eaffc22254 104524 inetutils-talkd-dbgsym_2.6-3+deb13u3_i386.deb 34c2063e39230f518d60e595fcec924d6b183d1a 81320 inetutils-talkd_2.6-3+deb13u3_i386.deb 8eb46a232b981a7998a9ff8f19210680605ccca0 202912 inetutils-telnet-dbgsym_2.6-3+deb13u3_i386.deb f369baeb74cc79e106ce439162515705dc9637dc 132036 inetutils-telnet_2.6-3+deb13u3_i386.deb 23c2559de66fa408bf0cee037a165e725dbea914 166440 inetutils-telnetd-dbgsym_2.6-3+deb13u3_i386.deb 9701d3669099ab266f6895ad03b852daafebf9d3 113272 inetutils-telnetd_2.6-3+deb13u3_i386.deb 8630e1898b2d67ee6a1c5460bb07511235a01d08 325156 inetutils-tools-dbgsym_2.6-3+deb13u3_i386.deb 31b8f40a8f4bb5435ed7960f2ac64694b47eb7ff 106432 inetutils-tools_2.6-3+deb13u3_i386.deb f7726ebc5022519f1187949b4357c50824da1db5 81408 inetutils-traceroute-dbgsym_2.6-3+deb13u3_i386.deb 7560f4c36274bfe9ea5e7fa7cc6fec0e7c3c4fce 71876 inetutils-traceroute_2.6-3+deb13u3_i386.deb ab551a759c1f8f4c651e2be19d6fa5dd44a145c4 12810 inetutils_2.6-3+deb13u3_i386-buildd.buildinfo Checksums-Sha256: 437aa2b5ad011637b11c147ca3e694e9e00e7692a7bc63b2d979936cc096ccdc 148736 inetutils-ftp-dbgsym_2.6-3+deb13u3_i386.deb 582bb3a08a6a81798c6a2a82efdf3e2747e90d2cf5f275655df87f63b558f6fe 113320 inetutils-ftp_2.6-3+deb13u3_i386.deb a5c4b6423d1bae2b0d7a1dc0a73b89b017783365c4722fd73f1ddda72e1bece7 179216 inetutils-ftpd-dbgsym_2.6-3+deb13u3_i386.deb 486baebef42d2ee83da451b86eadd5b6593b78c3d90796ec115a45be67173153 117704 inetutils-ftpd_2.6-3+deb13u3_i386.deb 5069d4ec3c376bb7077e9ae33f37f44dfea812c53d7d9f88b5f67286d1ab7ad4 97840 inetutils-inetd-dbgsym_2.6-3+deb13u3_i386.deb eb51ae2a637dbd2850f2cca456ec887fbdb06d5cb119f7bfd9d6386f8f9de625 87268 inetutils-inetd_2.6-3+deb13u3_i386.deb 5c5a2d1bddd568f2070c3af619400b0180be19d79a4b158324277dad9db74c23 185968 inetutils-ping-dbgsym_2.6-3+deb13u3_i386.deb ac2f19c0093da5430a53592195d30e8981d9c221dc641a3d116b4ac814fe1a29 91908 inetutils-ping_2.6-3+deb13u3_i386.deb ecdf5d8c289423b0d73eea6a8f89967de7d4b81bb8ccd3c3ab2891fe56395e12 115392 inetutils-syslogd-dbgsym_2.6-3+deb13u3_i386.deb 07683968efa17ccf13cb4152dbb6381ed8434e706f7ce31eb4fb747ce253f4f4 94608 inetutils-syslogd_2.6-3+deb13u3_i386.deb 8cb50db488a740f150694c249f25dd8d68fbcc665aab51a3afd324ebfe85f45e 79468 inetutils-talk-dbgsym_2.6-3+deb13u3_i386.deb ec14e66589672a06962bc461d1097c286c49e4f7bb2b3d88d5a0da3d70aa07a9 74056 inetutils-talk_2.6-3+deb13u3_i386.deb 5bd5806925a9183e4b974b14422b1cbdd370003f8f21a1158158672948c9667c 104524 inetutils-talkd-dbgsym_2.6-3+deb13u3_i386.deb 13ea18d6945a0f3f8947d08be714cc004574226780bddb0831b3f1a07bf2bd4a 81320 inetutils-talkd_2.6-3+deb13u3_i386.deb 3e04aee3bf18a27f550c6335169328793c337e3f6505c5498a2ec016fb79b1c1 202912 inetutils-telnet-dbgsym_2.6-3+deb13u3_i386.deb 1476b0a8da748f9d979d180ee3e3bad38c84dc59f7a8d2411c5e7fdfd804ebae 132036 inetutils-telnet_2.6-3+deb13u3_i386.deb 26cabac2ea8255cf7cefc3541327f71ce673376d8a0796df963a2a816fe2f02f 166440 inetutils-telnetd-dbgsym_2.6-3+deb13u3_i386.deb 543456c56393449279e36bfc39b7ed3e9f53c71e4cbbb59193112a6f12e5d921 113272 inetutils-telnetd_2.6-3+deb13u3_i386.deb 6c82348d23aeb1b7c0444018343d0f3017f33097034a8cf87b5780ffab6bf4c4 325156 inetutils-tools-dbgsym_2.6-3+deb13u3_i386.deb 07ba1a72e9f9cdf971da164b5a6241f3ccc15dc036639eb7109eb35fb024d967 106432 inetutils-tools_2.6-3+deb13u3_i386.deb 943283f95c02518e5642af67d4a583b6e78c2861771b739fa77427f148e48ce9 81408 inetutils-traceroute-dbgsym_2.6-3+deb13u3_i386.deb 216ab80af2ee3efb9dbd2d09c3b5455216bbef86a347e2e515c3eb74951c4e8b 71876 inetutils-traceroute_2.6-3+deb13u3_i386.deb ff1fa45dfa81c3f33b1bb9812271c39365abc2933faaeb8c92749d2e9c070960 12810 inetutils_2.6-3+deb13u3_i386-buildd.buildinfo Files: 1b9cd25f5ecf06d64d9ba121f5b4c7a5 148736 debug optional inetutils-ftp-dbgsym_2.6-3+deb13u3_i386.deb ddae48eaeffc4cb1bc0fdb508bb3a5ed 113320 net optional inetutils-ftp_2.6-3+deb13u3_i386.deb 65ff0ef8836e3ae6fa6a25d3fb45bcbe 179216 debug optional inetutils-ftpd-dbgsym_2.6-3+deb13u3_i386.deb d6af93b868565baabaccaf331651a687 117704 net optional inetutils-ftpd_2.6-3+deb13u3_i386.deb 3ad7fd681d58139d5ea5d0690a8974af 97840 debug optional inetutils-inetd-dbgsym_2.6-3+deb13u3_i386.deb 10889f78c46d21ed3bfc5e920e9ea863 87268 net optional inetutils-inetd_2.6-3+deb13u3_i386.deb 68b5ecfc91cffb224716ecad482e6f28 185968 debug optional inetutils-ping-dbgsym_2.6-3+deb13u3_i386.deb 831b8e83e176cfec3724ff6eadfdcc42 91908 net optional inetutils-ping_2.6-3+deb13u3_i386.deb 902fb35cba79dba7cfcaa3ce9643df60 115392 debug optional inetutils-syslogd-dbgsym_2.6-3+deb13u3_i386.deb 50883c41b7e7af1116beccf93e4ccf6d 94608 net optional inetutils-syslogd_2.6-3+deb13u3_i386.deb dfa30ff651828c01ccc383aff833f9e8 79468 debug optional inetutils-talk-dbgsym_2.6-3+deb13u3_i386.deb 6e372781cbd9a0b42349304d03eb35dd 74056 net optional inetutils-talk_2.6-3+deb13u3_i386.deb 1010d4c1a0426f0168c0aea66d1770ba 104524 debug optional inetutils-talkd-dbgsym_2.6-3+deb13u3_i386.deb ce351e189daa1ffafae285174d4f13cb 81320 net optional inetutils-talkd_2.6-3+deb13u3_i386.deb f2b9fed6b1cbb2ead00cdcf88cb84ef5 202912 debug optional inetutils-telnet-dbgsym_2.6-3+deb13u3_i386.deb d7d0c10f9aa5f7e98e5406d23e7844d0 132036 net standard inetutils-telnet_2.6-3+deb13u3_i386.deb 9f11fd6acf9ad7b4c314fd0b4539497e 166440 debug optional inetutils-telnetd-dbgsym_2.6-3+deb13u3_i386.deb c4eb4adc87d883ed11f2a2a3bfd520ce 113272 net optional inetutils-telnetd_2.6-3+deb13u3_i386.deb 38f0876f15b8d68906414059933f1c4c 325156 debug optional inetutils-tools-dbgsym_2.6-3+deb13u3_i386.deb ed148029a019d0fcbc01887ceb2dac73 106432 net optional inetutils-tools_2.6-3+deb13u3_i386.deb 56e96331a46c2660a18696020eb357d6 81408 debug optional inetutils-traceroute-dbgsym_2.6-3+deb13u3_i386.deb aa62147c62aa4b98cbc4e50586985358 71876 net optional inetutils-traceroute_2.6-3+deb13u3_i386.deb 6927ed0519c44bf5adbd56f19a3b7c81 12810 net optional inetutils_2.6-3+deb13u3_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBDWXQb2umOtH4DRpYg9P9sm2dfEFAmnL3L0ACgkQYg9P9sm2 dfENJQ/+MVwRftwAhZ2PMZm52kmWnGZc68QLrC138JXIbMxco1m/6LYNSV6mek40 QU8s+ho37WODSgL+yKfSMjsGs+A6Z8JLse7oL8hsCybhWoJ4SVAU5GVOSvXyosGH 0mC/fNa2rCddgRIE0B5o59OvUlc6FZm6R77513sHUTFycTHSipXkpyq01ZiSw1tf GXC1L4RUzJiP99dWEcZzGrEjZwEQoyQGj79+CdvnCsh75TD5Z9jtbpEPzPHIEHJO nA1CI15TjjPdWccP1dMdo62Uw+q/3xCWV2KwpV215v3hmwIK1X9UQ4bZ5kd5fnaE jNKn+5X8fLFNSt1GwFtY2snVGkdC9LOTE30yXQfCJmLWX9pTlzDdelPWiezgHZf/ JxJ+Yvsm1WVXXVciZxrOI18N5JhqeTq6LXqB+hQTUhEAvSoNy96r8uxI73R61Q3n pbdhvHrC76kGbkvGsDeSZ6a1A+6SeoebRRTW8K/V9I3nQorEwRdw4X7hlokeTgt2 hejtuFINo7UQkmrMma2vmamtRf/mcXYBa6Al+3/MoX05INaqV+Cf5zfkGfjSudjX CQlVWxQy89GtVe34FPYgkt/Z7YXddayFyp/olUL4NCYAYMGzO+rcGazqjezwSjvv 2HBpuz1s9q5URVx6Pp5BYWFRcaVTxUMsN+gwpUJs4rhitkm8j3M= =haFL -----END PGP SIGNATURE-----