Your message dated Fri, 03 Apr 2026 19:52:54 +0000
with message-id <[email protected]>
and subject line Bug#1130741: fixed in inetutils 2:2.6-3+deb13u3
has caused the Debian Bug report #1130741,
regarding inetutils: CVE-2026-32772
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1130741: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130741
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: inetutils
Version: 2:2.7-3
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerability was published for inetutils.

CVE-2026-32772[0]:
| telnet in GNU inetutils through 2.7 allows servers to read arbitrary
| environment variables from clients via NEW_ENVIRON SEND USERVAR.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2026-32772
    https://www.cve.org/CVERecord?id=CVE-2026-32772
[1] https://www.openwall.com/lists/oss-security/2026/03/13/1

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: inetutils
Source-Version: 2:2.6-3+deb13u3
Done: Guillem Jover <[email protected]>

We believe that the bug you reported is fixed in the latest version of
inetutils, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guillem Jover <[email protected]> (supplier of updated inetutils package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


Format: 1.8
Date: Mon, 30 Mar 2026 16:44:03 +0200
Source: inetutils
Architecture: source
Version: 2:2.6-3+deb13u3
Distribution: trixie-security
Urgency: high
Maintainer: Guillem Jover <[email protected]>
Changed-By: Guillem Jover <[email protected]>
Closes: 1130741 1130742
Changes:
 inetutils (2:2.6-3+deb13u3) trixie-security; urgency=high
 .
   * Add patches from upstream:
     - Ignore all environment options from clients unless the variable was
       listed in the new --accept-env telnetd option. This mitigates privilege
       escalation using environment variables.
       This is the complete fix for CVE-2026-24061, with its own CVE pending.
     - Fix stack buffer overflow processing SLC suboption triplets.
       Reported by Adiel Sol, Arad Inbar, Erez Cohen, Nir Somech, Ben Grinberg,
       Daniel Lubel at DREAM Security Research Team.
       Fixes CVE-2026-32746. (Closes: #1130742)
   * Add the hashcode-string1 module from forky/sid gnulib, required by the
     --accept-env patch.
   * Adapt netkit-telnet patch to not leak unexported environment variables to
     telnetd. Reported by Justin Swartz <[email protected]>.
     Fixes CVE-2026-32772. (Closes: #1130741)
   * Prevent user local privilege escalation using --debug, which was
     susceptible to symlink attacks, or leaking on-wire credentials to a
     user that had pre-created the file and kept it open. Fix by switching
     from /tmp/telnet.debug to /run/telnet/debug.<pid>, and making the
     setup error checks fatal.
     Partially reported by Justin Swartz <[email protected]>.
   * Update local telnetd man page to match new --debug behavior.



--- End Message ---
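
Added example, not code from inetutils, netkit-telnet or the Debian patch: a C sketch of the client-side behaviour the changelog describes for CVE-2026-32772, where a NEW-ENVIRON SEND request is answered only from variables the user explicitly marked for export. `struct env_entry`, `build_reply` and the sample table are hypothetical names; the option codes are those of RFC 1572, and requests containing ESC-quoted names are refused rather than decoded.

```c
#include <stddef.h>
#include <string.h>
/* RFC 1572 NEW-ENVIRON codes. */
enum { NE_IS = 0, NE_SEND = 1, NE_VAR = 0, NE_VALUE = 1, NE_ESC = 2, NE_USERVAR = 3 };
struct env_entry { const char *name, *value; int exported; }; /* hypothetical client table */
/* Constructed sample: the user exported TERM for telnet, but not API_TOKEN. */
static const struct env_entry sample_env[] = {
    { "TERM", "xterm", 1 }, { "API_TOKEN", "constructed-secret", 0 },
};
static int raw(unsigned char *out, size_t cap, size_t *o, unsigned char b) {
    return *o < cap ? (out[(*o)++] = b, 0) : -1;
}
/* Append len bytes, ESC-prefixing any byte that collides with codes 0..3. */
static int put(unsigned char *out, size_t cap, size_t *o, const unsigned char *s, size_t len) {
    for (size_t i = 0; i < len; i++)
        if ((s[i] <= NE_USERVAR && raw(out, cap, o, NE_ESC)) || raw(out, cap, o, s[i]))
            return -1;
    return 0;
}

/* SEND body in, IS body out (IAC SB/SE framing left to the caller); -1 if malformed or full. */
long build_reply(const unsigned char *req, size_t n, const struct env_entry *t, size_t nt,
                 unsigned char *out, size_t cap) {
    static const unsigned char all[] = { NE_SEND, NE_USERVAR };
    size_t o = 0, i = 1;
    if (n < 1 || req[0] != NE_SEND || raw(out, cap, &o, NE_IS)) return -1;
    if (n == 1) { req = all; n = 2; }          /* bare SEND means "send everything" */
    while (i < n) {
        unsigned char type = req[i++];
        size_t start = i, len, hit = 0;
        if (type != NE_VAR && type != NE_USERVAR) return -1;
        for (; i < n && req[i] != NE_VAR && req[i] != NE_USERVAR; i++)
            if (req[i] == NE_VALUE || req[i] == NE_ESC) return -1; /* not decoded here */
        len = i - start;
        for (size_t k = 0; k < nt; k++) {      /* len == 0: wildcard for this type */
            size_t nl = strlen(t[k].name);
            if (!t[k].exported || (len && (nl != len || memcmp(t[k].name, req + start, len)))) continue;
            hit = 1;
            if (raw(out, cap, &o, type) || put(out, cap, &o, (const unsigned char *)t[k].name, nl) ||
                raw(out, cap, &o, NE_VALUE) ||
                put(out, cap, &o, (const unsigned char *)t[k].value, strlen(t[k].value)))
                return -1;
        }
        /* Unexported and unset names get the same answer: the name with no VALUE. */
        if (!hit && len && (raw(out, cap, &o, type) || put(out, cap, &o, req + start, len)))
            return -1;
    }
    return (long)o;
}
```

Because an unexported name is reported exactly like an unset one, the server cannot use the reply to probe which variables exist in the client's environment.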
