Package: inetutils / 2:2.4-2+deb12u2

Metadata

Package: inetutils
Version: 2:2.4-2+deb12u2
Patches format: 3.0 (quilt)

Patch series

Patch File delta Description
0001 ping decode unreachable codes added in RFC 4443.patch

ping/ping6.c | 12 12 + 0 - 0 !
1 file changed, 12 insertions(+)

 [patch] ping: decode unreachable codes added in rfc 4443
0002 ftpd rcp rlogin rsh rshd uucpd fix check set id retu.patch

ftpd/ftpd.c | 10 7 + 3 - 0 !
src/rcp.c | 39 33 + 6 - 0 !
src/rlogin.c | 11 9 + 2 - 0 !
src/rsh.c | 25 21 + 4 - 0 !
src/rshd.c | 20 17 + 3 - 0 !
src/uucpd.c | 15 13 + 2 - 0 !
6 files changed, 100 insertions(+), 20 deletions(-)

 [patch 2/2] ftpd,rcp,rlogin,rsh,rshd,uucpd: fix: check set*id()
 return values

Several setuid(), setgid(), seteuid() and setguid() return values
were not checked in ftpd/rcp/rlogin/rsh/rshd/uucpd code potentially
leading to potential security issues.

Signed-off-by: Jeffrey Bencteux <jeffbencteux@gmail.com>
Signed-off-by: Simon Josefsson <simon@josefsson.org>
Fixes: CVE-2023-40303
Closes: #1049365
upstream/0001 Fix injection bug with bogus user names.patch

telnetd/utility.c | 9 8 + 1 - 0 !
1 file changed, 8 insertions(+), 1 deletion(-)

 [patch 1/2] fix injection bug with bogus user names

Problem reported by Kyu Neushwaistein.
* telnetd/utility.c (_var_short_name):
Ignore user names that start with '-' or contain shell metacharacters.

Signed-off-by: Simon Josefsson <simon@josefsson.org>

upstream/0002 telnetd Sanitize all variable expansions.patch

telnetd/utility.c | 32 18 + 14 - 0 !
1 file changed, 18 insertions(+), 14 deletions(-)

 [patch 2/2] telnetd: sanitize all variable expansions

* telnetd/utility.c (sanitize): New function.
(_var_short_name): Use it for all variables.

0001 build Disable GFDL info files and useless man pages.patch

Makefile.am | 1 0 + 1 - 0 !
configure.ac | 3 0 + 3 - 0 !
2 files changed, 4 deletions(-)

 [patch 1/4] build: disable gfdl info files and useless man pages

We do not install the info file due to GFDL, and because it would
require an inetutils-doc package. Nor the man pages from upstream
generated with help2man as they are problematic for cross-building
and contain no additional information to what is already available
via --help output.

Instead we ship our own proper man pages.

Not forwarded upstream due to GNU policies regarding man pages.

0002 build Use runstatedir for run directory.patch

paths | 10 5 + 5 - 0 !
1 file changed, 5 insertions(+), 5 deletions(-)

 [patch 2/4] build: use runstatedir for /run directory


0003 inetd Change protocol semantics in inetd.conf.patch

src/inetd.c | 3 1 + 2 - 0 !
1 file changed, 1 insertion(+), 2 deletions(-)

 [patch 3/4] inetd: change protocol semantics in inetd.conf

Readd parts of the original patch that got botched when applied
upstream.

* src/inetd.c (getconfigent) [IPV6]: Change default family to IPv4 for "tcp"
and "udp". Change "tcp6" and "udp6" to support IPv4 mapped addresses.

Fixes: commit a12021ee959a88b48cd16e947c671f8f59e29c9d

0004 Use krb5_auth_con_getsendsubkey instead of krb5_auth.patch

libinetutils/kerberos5.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch 4/4] use krb5_auth_con_getsendsubkey() instead of
 krb5_auth_con_getlocalsubkey()

The latter is not exposed in the headers anymore.