<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38872a147214d15583a37bfe5771e3910c14b40d">38872a14</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2020-04-14T05:31:47+02:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Track CVE-2020-10188/inetutils as fixed via unstable

Note though, that Guillem Jover is adding:

   * Add patch from Red Hat / Fedora:

     - Fix arbitrary remote code execution in telnetd via short writes or

       urgent data. Fixes CVE-2020-10188. Closes: #956084

       Thanks to Michal Ruprich <michalruprich@gmail.com>.

       Note: While the PoC exploit does not work on inetutils due to the

       different codebases, the adapted patch was close enough to apply almost

       directly, even though the information leak might appear to still remain.

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38872a147214d15583a37bfe5771e3910c14b40d#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38872a147214d15583a37bfe5771e3910c14b40d">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38872a147214d15583a37bfe5771e3910c14b40d"}}</script>

</p>

</div>

</body>

</html>