1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted inetutils 2:2.0-1+deb11u1 (source) into proposed-updates->stab

    From Debian FTP Masters@21:1/5 to All on Sat Sep 3 14:50:02 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Tue, 30 Aug 2022 13:34:41 +0200
    Source: inetutils
    Architecture: source
    Version: 2:2.0-1+deb11u1
    Distribution: bullseye
    Urgency: medium
    Maintainer: Guillem Jover <guillem@debian.org>
    Changed-By: Guillem Jover <guillem@debian.org>
    Closes: 945861 993476
    Changes:
    inetutils (2:2.0-1+deb11u1) bullseye; urgency=medium
    .
    * telnet: Add checks for option reply parsing limits causing buffer
    overflow induced crashes due to long option values.
    Fixes CVE-2019-0053. Closes: #945861
    * Add patch from upstream to fix infinite loop causing a stack exhaustion
    induced crash in telnet client due to malicious server commands.
    Closes: #945861
    * Fix inetutils-ftp security bug trusting FTP PASV responses.
    Fixes CVE-2021-40491. Closes: #993476
    * Fix remote DoS vulnerability in inetutils-telnetd, caused by a crash by
    a NULL pointer dereference when sending the byte sequences «0xff 0xf7»
    or «0xff 0xf8». Found by Pierre Kim and Alexandre Torres. Patch
    adapted by Erik Auerswald <auerswal@unix-ag.uni-kl.de>.
    Fixes CVE-2022-39028.
    Checksums-Sha1:
    4b7400eadb5dfc8206fec4fb1f053e36443c0d68 3088 inetutils_2.0-1+deb11u1.dsc
    1d0eec62990382874ab327ba284bd04aa59c9139 77092 inetutils_2.0-1+deb11u1.debian.tar.xz
    e924646dcfcd6efb1fadc38fa26a7b7f144bf07d 13131 inetutils_2.0-1+deb11u1_amd64.buildinfo
    Checksums-Sha256:
    4986475b8b8073984c91b8c8e5fe387e2e7ed9f8af285410e926acc9ee068f0c 3088 inetutils_2.0-1+deb11u1.dsc
    9672be3cff46a4de5efec6571a95b28a9510e3187e740ddf25369dfcecc0201e 77092 inetutils_2.0-1+deb11u1.debian.tar.xz
    b5fe78aa7b52adece106f92ab65542704c4de8254f1118b2086d825262e3ca16 13131 inetutils_2.0-1+deb11u1_amd64.buildinfo
    Files:
    2655721a7c5b0f6b479415cbef7c8f16 3088 net optional inetutils_2.0-1+deb11u1.dsc
    acae8d28e9edff839c9671549cc1ce02 77092 net optional inetutils_2.0-1+deb11u1.debian.tar.xz
    0ed0ed2b3d8683c7b4b3a63e7a60d641 13131 net optional inetutils_2.0-1+deb11u1_amd64.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEETz509DYFDBD1aWV0uXK/PqSuV6MFAmMSZtYACgkQuXK/PqSu V6MFBRAAyOd1aO4+EBZfKZXP88G8G1VqUtN4QZVSpWr4Rn1He2JBGozgxkMPivJK In30AN2wqr+EsURW3ir3gKHNfhCmGVVhMTRfWDeEruAfDI9X10cu3yzd1Zr5irr+ fgyhDk9l33IFZRY+xg1/rSnHkhE373hluGl+otNO0kzZf/J45XRovVVqcbrhblQZ nc/P/9YS9HHdjMa9FiIl1SSaq172qlIsZxzqjTdc2LYp4FH/N41ZpHBwmZ1cA/Ee 0GBOvRZ8zhvRFxWHYRKeqkNBxnoj58N41jtb6OXJeNFzfcwvsTAAgqr62skwIPgH 0iDFkOlZ/ZmwdwzbzmhiwbzxfD3+pFUv9glZf20tQvvRK/OUbia8Om+8Yc/qykew p/ilc83ztLlRrbx4+EncFeyrhXHBw9JlXbAAv3UXYqM9p74sZ1Dzi0do0G+GARsl q0XgOxaLk29Gj7YSqczqbh6Cg1Nqbb9rCi2tjl6sN/g0TLiULxNhhj7inze9U4pb oEMIshsmGCSJ1uH8yQOkZdVkjEHNfr2428g3choTH+APVdWe8Yo3D0KAHCwDUzPk lYHcxzuok0F+7kfSLE+bXeRGeLEhCYMX0AWXYAoq8g4WK+aSSgJ9Xnh0ibvBA+Ij CxUk2LKPCCk/hNjhDaWyZw/3TQj/8fuKZF5NSc7iigqQ9KkN5ao=
    =aGei
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)