Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

inetutils: 2.2 -> 2.4 #175

Merged
merged 3 commits into from
Oct 27, 2023
Merged

inetutils: 2.2 -> 2.4 #175

merged 3 commits into from
Oct 27, 2023

Conversation

jsoo1
Copy link
Collaborator

@jsoo1 jsoo1 commented Oct 27, 2023

r-ryantm and others added 3 commits October 27, 2023 09:59
@r-ryantm @jsoo1
inetutils: 2.2 -> 2.3
6e3de97
@risicle @jsoo1
inetutils: add patch for CVE-2022-39028
8d0848b
@LeSuisse @jsoo1
inetutils: 2.3 -> 2.4
8e39245 
```
GNU inetutils NEWS -- history of user-visible changes.

* Noteworthy changes in release 2.4 (2022-10-25) [stable]

** ifconfig

*** Support specifying prefix netmask lengths in -A.
Patch by Samuel Thibault <[email protected]>.

** Hurd: tell pfinet translator interfaces to configure
Patch by Samuel Thibault <[email protected]>.

** ftp

*** Avoid crash caused by signed integer overflow resulting in
out-of-bounds buffer access.  Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00003.html>.

*** Avoid crash caused by heap buffer overflow.  Reported by ZFeiXQ in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00016.html>.

*** Avoid crash caused by NULL pointer dereference.  Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00004.html>.

*** Avoid crash caused by infinite macro recursion.  Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00005.html>.

** telnetd

*** Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL).  CVE-2022-39028
https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html

** telnet

*** Fix a buffer overflow problem.  CVE-2019-0053
https://cgit.freebsd.org/src/commit/?id=14aab889f4e50072a6b914eb95ebbfa939539dad

** tftp

*** Avoid crashing when given unexpected or invalid commands from tty.
Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00018.html>.

** Various bugs fixes, internal improvements and clean ups.
Update of gnulib and build fixes for C23.
```
@jsoo1 jsoo1 changed the base branch from master to main October 27, 2023 17:07
@jsoo1 jsoo1 merged commit 1b1e979 into main Oct 27, 2023
1 check passed
@jsoo1 jsoo1 deleted the jsoo1/awake/cve-patches branch October 27, 2023 17:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@baloo baloo baloo approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jsoo1 @baloo @r-ryantm @risicle @LeSuisse