-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 30 Aug 2022 13:34:41 +0200
Source: inetutils
Architecture: source
Version: 2:2.0-1+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Guillem Jover <
guillem@debian.org>
Changed-By: Guillem Jover <
guillem@debian.org>
Closes: 945861 993476
Changes:
inetutils (2:2.0-1+deb11u1) bullseye; urgency=medium
.
* telnet: Add checks for option reply parsing limits causing buffer
overflow induced crashes due to long option values.
Fixes CVE-2019-0053. Closes: #945861
* Add patch from upstream to fix infinite loop causing a stack exhaustion
induced crash in telnet client due to malicious server commands.
Closes: #945861
* Fix inetutils-ftp security bug trusting FTP PASV responses.
Fixes CVE-2021-40491. Closes: #993476
* Fix remote DoS vulnerability in inetutils-telnetd, caused by a crash by
a NULL pointer dereference when sending the byte sequences «0xff 0xf7»
or «0xff 0xf8». Found by Pierre Kim and Alexandre Torres. Patch
adapted by Erik Auerswald <
auerswal@unix-ag.uni-kl.de>.
Fixes CVE-2022-39028.
Checksums-Sha1:
4b7400eadb5dfc8206fec4fb1f053e36443c0d68 3088 inetutils_2.0-1+deb11u1.dsc
1d0eec62990382874ab327ba284bd04aa59c9139 77092 inetutils_2.0-1+deb11u1.debian.tar.xz
e924646dcfcd6efb1fadc38fa26a7b7f144bf07d 13131 inetutils_2.0-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
4986475b8b8073984c91b8c8e5fe387e2e7ed9f8af285410e926acc9ee068f0c 3088 inetutils_2.0-1+deb11u1.dsc
9672be3cff46a4de5efec6571a95b28a9510e3187e740ddf25369dfcecc0201e 77092 inetutils_2.0-1+deb11u1.debian.tar.xz
b5fe78aa7b52adece106f92ab65542704c4de8254f1118b2086d825262e3ca16 13131 inetutils_2.0-1+deb11u1_amd64.buildinfo
Files:
2655721a7c5b0f6b479415cbef7c8f16 3088 net optional inetutils_2.0-1+deb11u1.dsc
acae8d28e9edff839c9671549cc1ce02 77092 net optional inetutils_2.0-1+deb11u1.debian.tar.xz
0ed0ed2b3d8683c7b4b3a63e7a60d641 13131 net optional inetutils_2.0-1+deb11u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEETz509DYFDBD1aWV0uXK/PqSuV6MFAmMSZtYACgkQuXK/PqSu V6MFBRAAyOd1aO4+EBZfKZXP88G8G1VqUtN4QZVSpWr4Rn1He2JBGozgxkMPivJK In30AN2wqr+EsURW3ir3gKHNfhCmGVVhMTRfWDeEruAfDI9X10cu3yzd1Zr5irr+ fgyhDk9l33IFZRY+xg1/rSnHkhE373hluGl+otNO0kzZf/J45XRovVVqcbrhblQZ nc/P/9YS9HHdjMa9FiIl1SSaq172qlIsZxzqjTdc2LYp4FH/N41ZpHBwmZ1cA/Ee 0GBOvRZ8zhvRFxWHYRKeqkNBxnoj58N41jtb6OXJeNFzfcwvsTAAgqr62skwIPgH 0iDFkOlZ/ZmwdwzbzmhiwbzxfD3+pFUv9glZf20tQvvRK/OUbia8Om+8Yc/qykew p/ilc83ztLlRrbx4+EncFeyrhXHBw9JlXbAAv3UXYqM9p74sZ1Dzi0do0G+GARsl q0XgOxaLk29Gj7YSqczqbh6Cg1Nqbb9rCi2tjl6sN/g0TLiULxNhhj7inze9U4pb oEMIshsmGCSJ1uH8yQOkZdVkjEHNfr2428g3choTH+APVdWe8Yo3D0KAHCwDUzPk lYHcxzuok0F+7kfSLE+bXeRGeLEhCYMX0AWXYAoq8g4WK+aSSgJ9Xnh0ibvBA+Ij CxUk2LKPCCk/hNjhDaWyZw/3TQj/8fuKZF5NSc7iigqQ9KkN5ao=
=aGei
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)