Hi, On Sun, Aug 25, 2024 at 04:37:26PM +0200, Simon Josefsson wrote: > Erik Auerswald <auers...@unix-ag.uni-kl.de> writes: > > On Fri, Aug 23, 2024 at 10:56:30PM -0700, Collin Funk wrote: > >> > >> I've pushed the attached patch removing an integer overflow from telnet. > > > > Thanks! Should this be added to NEWS? > > Thanks Collin, and yes please :)
How about the following? ------------8<------------ diff --git a/NEWS b/NEWS index 6d7bfef9..6628917e 100644 --- a/NEWS +++ b/NEWS @@ -25,6 +25,10 @@ when using the --format or --short option. More details in ** Inetutils can now be built with C23 compilers. Except for when configured to support Kerberos 4. +** telnet: Fix integer overflow handling when using any of the commands +'send do', 'send dont', 'send will', or 'send wont' with a numerical +argument. + * Noteworthy changes in release 2.5 (2023-12-29) [stable] ** ftpd, rcp, rlogin, rsh, rshd, uucpd ------------>8------------ Br, Erik
