-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 30 Mar 2026 16:44:03 +0200
Source: inetutils
Binary: inetutils-ftp inetutils-ftp-dbgsym inetutils-ftpd inetutils-ftpd-dbgsym inetutils-inetd inetutils-inetd-dbgsym inetutils-ping inetutils-ping-dbgsym inetutils-syslogd inetutils-syslogd-dbgsym inetutils-talk inetutils-talk-dbgsym inetutils-talkd inetutils-talkd-dbgsym inetutils-telnet inetutils-telnet-dbgsym inetutils-telnetd inetutils-telnetd-dbgsym inetutils-tools inetutils-tools-dbgsym inetutils-traceroute inetutils-traceroute-dbgsym
Architecture: amd64
Version: 2:2.6-3+deb13u3
Distribution: trixie-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Guillem Jover <guillem@debian.org>
Description:
 inetutils-ftp - File Transfer Protocol client
 inetutils-ftpd - File Transfer Protocol server
 inetutils-inetd - internet super server
 inetutils-ping - ICMP echo tool
 inetutils-syslogd - system logging daemon
 inetutils-talk - talk to another user
 inetutils-talkd - remote user communication server
 inetutils-telnet - telnet client
 inetutils-telnetd - telnet server
 inetutils-tools - base networking utilities (experimental package)
 inetutils-traceroute - trace the IPv4 route to another host
Closes: 1130741 1130742
Changes:
 inetutils (2:2.6-3+deb13u3) trixie-security; urgency=high
 .
   * Add patches from upstream:
     - Ignore all environment options from clients unless the variable was
       listed in the new --accept-env telnetd option. This mitigates privilege
       escalation using environment variables.
       This is the complete fix for CVE-2026-24061, with its own CVE pending.
     - Fix stack buffer overflow processing SLC suboption triplets.
       Reported by Adiel Sol, Arad Inbar, Erez Cohen, Nir Somech, Ben Grinberg,
       Daniel Lubel at DREAM Security Research Team.
       Fixes CVE-2026-32746. (Closes: #1130742)
   * Add the hashcode-string1 module from forky/sid gnulib, required by the
     --accept-env patch.
   * Adapt netkit-telnet patch to not leak unexported environment variables to
     telnetd. Reported by Justin Swartz <justin.swartz@risingedge.co.za>.
     Fixes CVE-2026-32772. (Closes: #1130741)
   * Prevent user local privilege escalation using --debug, which was
     susceptible to symlink attacks, or leaking on-wire credentials to a
     user that had pre-created the file and kept it open. Fix by switching
     from /tmp/telnet.debug to /run/telnet/debug.<pid>, and making the
     setup error checks fatal.
     Partially reported by Justin Swartz <justin.swartz@risingedge.co.za>.
   * Update local telnetd man page to match new --debug behavior.
Checksums-Sha1:
 b9115c8f289d71a3f76ecd573d769317aa6b63f2 162208 inetutils-ftp-dbgsym_2.6-3+deb13u3_amd64.deb
 09202369806350eeead6d58bef946a7ae57ba6dc 110372 inetutils-ftp_2.6-3+deb13u3_amd64.deb
 38435d3d1674e7ee5c61094821366362f5153237 192724 inetutils-ftpd-dbgsym_2.6-3+deb13u3_amd64.deb
 292d36633ac152c7d4ee8fe4f396f936bed1f0e4 113156 inetutils-ftpd_2.6-3+deb13u3_amd64.deb
 60db0a61c8b83203d3d9b0e6b5efba88fe14fc60 106744 inetutils-inetd-dbgsym_2.6-3+deb13u3_amd64.deb
 277544cf09cfd302057777ba41aaad83706d2c49 85880 inetutils-inetd_2.6-3+deb13u3_amd64.deb
 c6ba33e57c00385a577dba234f683ed20c3ebd68 203924 inetutils-ping-dbgsym_2.6-3+deb13u3_amd64.deb
 a32c2754384ff8bd12898bba35f8dd3ad19051e3 89996 inetutils-ping_2.6-3+deb13u3_amd64.deb
 c1f2080c1d31132377dd3475c61f0ccefc26fda9 125752 inetutils-syslogd-dbgsym_2.6-3+deb13u3_amd64.deb
 96553b7e1eab74d29ef62862dddbf0165f77394f 92648 inetutils-syslogd_2.6-3+deb13u3_amd64.deb
 3e130f173b2125aa58edae320b666affa5486e96 85728 inetutils-talk-dbgsym_2.6-3+deb13u3_amd64.deb
 926dc2eb4d062fbc0ba603f4341b0683d032fba0 72992 inetutils-talk_2.6-3+deb13u3_amd64.deb
 7b56109992efa65133273d7ffa6a39e00625517d 114164 inetutils-talkd-dbgsym_2.6-3+deb13u3_amd64.deb
 be5e04c63a53d238e446435cf89fdb9f5477e6a2 79732 inetutils-talkd_2.6-3+deb13u3_amd64.deb
 4db71cf98dbde54632f502125dc006112887faf6 231432 inetutils-telnet-dbgsym_2.6-3+deb13u3_amd64.deb
 b87884dcd2d6dfcbef9110cbc307fee22c77d72d 131192 inetutils-telnet_2.6-3+deb13u3_amd64.deb
 a1b18300eed961b6a7eaed2c4cfa99e565f9522f 184412 inetutils-telnetd-dbgsym_2.6-3+deb13u3_amd64.deb
 60c6e819f7cb0a23278413b310961d1e087fc654 111468 inetutils-telnetd_2.6-3+deb13u3_amd64.deb
 703b7befc0f03f64f07cfc5c6207d7abc64e60b6 362820 inetutils-tools-dbgsym_2.6-3+deb13u3_amd64.deb
 8a045987c427653752c6100ce6db1c77a5e43f49 104480 inetutils-tools_2.6-3+deb13u3_amd64.deb
 96d9a0e82959b278212b71531290cd0c4fb8229d 89216 inetutils-traceroute-dbgsym_2.6-3+deb13u3_amd64.deb
 da013a6bdc017802c6e1c15f748b805ada2b3987 70836 inetutils-traceroute_2.6-3+deb13u3_amd64.deb
 d0348d17b2f8d12150140582c64de0d13ca3a853 12972 inetutils_2.6-3+deb13u3_amd64-buildd.buildinfo
Checksums-Sha256:
 2b13c3e10ff168bc300f364219f9b381d95dccf117b8cab12dd85a096ab08ba0 162208 inetutils-ftp-dbgsym_2.6-3+deb13u3_amd64.deb
 fd37f6bbfda28175787a2b42d0f93c870171d4bedd329a28435b0c2d8b011b1e 110372 inetutils-ftp_2.6-3+deb13u3_amd64.deb
 a15114e284c275c5fac1bb2a3079b2a76abb40408b8935ac42d2bb034c509853 192724 inetutils-ftpd-dbgsym_2.6-3+deb13u3_amd64.deb
 2339c7e311996382bf013f391a977527c61c21fa90d9db0bd802ff24ffe1fb08 113156 inetutils-ftpd_2.6-3+deb13u3_amd64.deb
 3afa2754f10e760c06fba26df734e6d3aae09cf4bfe7d84a1fba0aff524b5061 106744 inetutils-inetd-dbgsym_2.6-3+deb13u3_amd64.deb
 fb92e9ed80fc3a33920b8336385fc8f41acb3b30f34998363e26e0a6165e1b29 85880 inetutils-inetd_2.6-3+deb13u3_amd64.deb
 4744b258a200de7ba0dcb6bd83c8d8f64fb30698473c9c12a1b3e77ee35f10ae 203924 inetutils-ping-dbgsym_2.6-3+deb13u3_amd64.deb
 9298f3ed781c23b7aef0d42d39fdce6d6c885f631209ffccb73a5f5e6966223e 89996 inetutils-ping_2.6-3+deb13u3_amd64.deb
 d8a31fe09e0d1ad543713f17a9f2176961a7d39b5433eaac11ea05164c12409f 125752 inetutils-syslogd-dbgsym_2.6-3+deb13u3_amd64.deb
 821c53998d0a9c1c1bf246759c56168608cf1f4ffba4de5b33fa21dbeb708fa2 92648 inetutils-syslogd_2.6-3+deb13u3_amd64.deb
 57b10119b9d308fcab1ff44e38c0af799b25144ea9cf45d82e02dde0a75078e0 85728 inetutils-talk-dbgsym_2.6-3+deb13u3_amd64.deb
 df32bf37c0547d92ef65b8db0d085e0403e959a59a9f48b620b203a590fcead6 72992 inetutils-talk_2.6-3+deb13u3_amd64.deb
 d530de3f5d05aa6c8651d2fe4eb4bce3b8b680643bef26a845acc6ba01a8ddd9 114164 inetutils-talkd-dbgsym_2.6-3+deb13u3_amd64.deb
 b0f2abf8140333ec9742ff99884877efbd1779fa62f2c00bc2270434159c7888 79732 inetutils-talkd_2.6-3+deb13u3_amd64.deb
 95820a511069c761f9e50a6209c73824c69bb075b4307ba706a00b5c175f80f0 231432 inetutils-telnet-dbgsym_2.6-3+deb13u3_amd64.deb
 9b608258e9695c71392f41b19f416de0733cb2d75c2282ffb9c7eb165676c97a 131192 inetutils-telnet_2.6-3+deb13u3_amd64.deb
 5322b613d0364b95ba8299131fd9dcd894fbc337ef5c1b49b1fc76073358bfb7 184412 inetutils-telnetd-dbgsym_2.6-3+deb13u3_amd64.deb
 b5e7378f44e8ee24b20ccdc61b6c8e8c4281a91ac138581da9bc26bc550ed0e4 111468 inetutils-telnetd_2.6-3+deb13u3_amd64.deb
 99a4563f63cda24ec97489cfdd8a2e556a9b95da547f424318b47ecb9f1ea5b8 362820 inetutils-tools-dbgsym_2.6-3+deb13u3_amd64.deb
 0e444716872a0d10a38da0bb3aa83efe1d0931ccf777096e16a016fdd4226c74 104480 inetutils-tools_2.6-3+deb13u3_amd64.deb
 3be1b7832af8733f2719a12123346f005948ff5a585710940288ab837b3d1227 89216 inetutils-traceroute-dbgsym_2.6-3+deb13u3_amd64.deb
 6c6c8c1bf751e1d21fb0418e71df50098e0f7b30f075f91017468ec310011083 70836 inetutils-traceroute_2.6-3+deb13u3_amd64.deb
 2c98114dbddb51cd7bd54661e91e7afb635e3e6c65677e97636723d825247388 12972 inetutils_2.6-3+deb13u3_amd64-buildd.buildinfo
Files:
 2ec0bb74b7eac3409a95978d2b028a52 162208 debug optional inetutils-ftp-dbgsym_2.6-3+deb13u3_amd64.deb
 c7e52fd7c22fd0e504a918d4cbaef4c1 110372 net optional inetutils-ftp_2.6-3+deb13u3_amd64.deb
 1e573497d9e4369e89fabc33f6047778 192724 debug optional inetutils-ftpd-dbgsym_2.6-3+deb13u3_amd64.deb
 e5df4269e4cdb7c05da75cdd0605db4f 113156 net optional inetutils-ftpd_2.6-3+deb13u3_amd64.deb
 668667de8087fb1a0cc030043ea19c54 106744 debug optional inetutils-inetd-dbgsym_2.6-3+deb13u3_amd64.deb
 99874b2f482003a6ccc0289f433930f3 85880 net optional inetutils-inetd_2.6-3+deb13u3_amd64.deb
 c6a3c5017c92236697553a1b5275de1e 203924 debug optional inetutils-ping-dbgsym_2.6-3+deb13u3_amd64.deb
 31c98573850e440736e441b6032644d0 89996 net optional inetutils-ping_2.6-3+deb13u3_amd64.deb
 58741d14d5446a5256c1976ba07a0269 125752 debug optional inetutils-syslogd-dbgsym_2.6-3+deb13u3_amd64.deb
 836f6abbde5297790ac21daaa932fdec 92648 net optional inetutils-syslogd_2.6-3+deb13u3_amd64.deb
 28c2a71b27422c8ed65fb772ee903c4e 85728 debug optional inetutils-talk-dbgsym_2.6-3+deb13u3_amd64.deb
 007aabd226b713ff07a6927cdf169600 72992 net optional inetutils-talk_2.6-3+deb13u3_amd64.deb
 6636d295c73954f09b395110cd377dde 114164 debug optional inetutils-talkd-dbgsym_2.6-3+deb13u3_amd64.deb
 62eb148f9bbcf6b9bfdcb640b3118da9 79732 net optional inetutils-talkd_2.6-3+deb13u3_amd64.deb
 a13a26cc5265409d40bda03c34c0f50b 231432 debug optional inetutils-telnet-dbgsym_2.6-3+deb13u3_amd64.deb
 235716be3869b62bc2c2162582e31837 131192 net standard inetutils-telnet_2.6-3+deb13u3_amd64.deb
 58dc483f22e975262d8af60a6efed8d3 184412 debug optional inetutils-telnetd-dbgsym_2.6-3+deb13u3_amd64.deb
 126499ec4cb2eee2bf261f9fe2f5c795 111468 net optional inetutils-telnetd_2.6-3+deb13u3_amd64.deb
 4c4084d65c697074685e309e50c435ae 362820 debug optional inetutils-tools-dbgsym_2.6-3+deb13u3_amd64.deb
 f3faa3601bc6c3ccbb15b81e9f7e0824 104480 net optional inetutils-tools_2.6-3+deb13u3_amd64.deb
 b8ff9f45178a2e9b395678be8bb2f0e3 89216 debug optional inetutils-traceroute-dbgsym_2.6-3+deb13u3_amd64.deb
 6fb02cc8b45ca9a11d5774c99a81202d 70836 net optional inetutils-traceroute_2.6-3+deb13u3_amd64.deb
 8297dc5f6b5a3a3022e551ed867045df 12972 net optional inetutils_2.6-3+deb13u3_amd64-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmtr4KUMaso2EQ6NrTwt/65ON6zcFAmnL3UwACgkQTwt/65ON
6zenQhAAmu67xm5JK8RGXMFh9jdT7XuHkKSy0MHaJYvmpqTadMItyZk2ilDF+0+I
ypqgnQT9hoZBiE5UHvLO7Hl8olQCbszW+8SSy2Vb5Hfw9pA0ByXdSF7opfl5Grgm
2HLwMGNar2gVqNGQDadIJyG9FdP2Qw1tQwE5NkNV1TbCTs7InvJ9hUexKr2O3r0A
0Q75O3UqtmnHegN4QEjcPU3XT1aTL5ezxZAWRKegjWQnvxtr3RNrqxNEmXvBgYEu
UxFbGYUVGMpreFfrkrrelr1RKBQZXlnO6k65O2p00Wl+EGZV2Lo66Zx6xZpcuM9b
uNIlSjORULvnRfOEGBc+j/Kvpuieg3Tg7rCDxVoQeCu6FyHXUKPLiEBuhug83G7v
Wg1wFoU2wTekWiV8AjHIrSRZBmqAgnnVUHwSnHEmj/K+zzhCxnvGerTThyhEe688
h1RjvTOtPwTIBZx6ZBSsT7vbYX6vPlEpZ839oL7ctWBi7E+nnHPQhDZXh2tMvkR5
z6VUzpefb2118H87U6jysOO4J3uSxb/3RhZR4kN28f6GGrKzYrwxxknJjaZ6jkbE
1wy7t9H0/+gtvb75Y3xkPgl5/+gUpakgPR3QKqtWkPyU0w9I4TLPJWTs6DSb1C2Y
4e243ZZ78AnQ/xAkIOUjTOiT6rUt4LtQ11H95mS3iZckfDrj60g=
=zDj1
-----END PGP SIGNATURE-----