[Git][security-tracker-team/security-tracker][master] Reserve DSA number for inetutils update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 19 20:34:59 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
46869b2d by Salvatore Bonaccorso at 2026-02-19T21:34:30+01:00
Reserve DSA number for inetutils update
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1657,6 +1657,7 @@ CVE-2026-2049 [ZDI-CAN-28618: New Vulnerability Report at rgbe.c]
NOTE: Same fix as for CVE-2026-2050 (main tracked upstream, considered duplicate)
CVE-2026-XXXX [telnetd: don't allow systemd service credentials]
- inetutils 2:2.7-3
+ [trixie] - inetutils 2:2.6-3+deb13u2
[bookworm] - inetutils <ignored> (Not exploitable with util-linux/login Version in Debian bookworm)
NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00000.html
NOTE: Fixed by: https://codeberg.org/inetutils/inetutils/commit/4db2f19f4caac03c7f4da6363c140bd70df31386
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,5 @@
+[19 Feb 2026] DSA-6144-1 inetutils - security update
+ [trixie] - inetutils 2:2.6-3+deb13u2
[19 Feb 2026] DSA-6143-1 libvpx - security update
{CVE-2026-2447}
[bookworm] - libvpx 1.12.0-1+deb12u5
=====================================
data/dsa-needed.txt
=====================================
@@ -31,9 +31,6 @@ gh/oldstable
--
git-lfs
--
-inetutils (carnil)
- Maintainer prepared an update for trixie-security for review
---
jackson-core
--
libreswan/oldstable
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/46869b2d14feeeaa097dff872e888b4bfd386c7a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/46869b2d14feeeaa097dff872e888b4bfd386c7a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260219/a158eb64/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list