[Git][security-tracker-team/security-tracker][master] Reserve DSA number for inetutils update

Fri, 03 Apr 2026 05:41:33 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
93f67d00 by Salvatore Bonaccorso at 2026-04-03T14:39:53+02:00
Reserve DSA number for inetutils update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -22395,11 +22395,12 @@ CVE-2026-2049 [ZDI-CAN-28618: New Vulnerability 
Report at rgbe.c]
 CVE-2026-28372 (telnetd in GNU inetutils through 2.7 allows privilege 
escalation that  ...)
        {DSA-6144-1}
        - inetutils 2:2.7-3
-       [bookworm] - inetutils <ignored> (Not exploitable with util-linux/login 
Version in Debian bookworm)
+       [bookworm] - inetutils 2:2.4-2+deb12u3
        [bullseye] - inetutils <ignored> (Not exploitable with util-linux/login 
Version in Debian bullseye)
        NOTE: 
https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00000.html
        NOTE: Fixed by: 
https://cgit.git.savannah.gnu.org/cgit/inetutils.git/commit/?id=4db2f19f4caac03c7f4da6363c140bd70df31386
        NOTE: systemd service credentials support for login(1) from util-linux 
introduced in 2.40 release
+       NOTE: Not exploitable with util-linux/logins versions before adding 
this support.
 CVE-2026-2545 (A weakness has been identified in LigeroSmart up to 6.1.26. 
Impacted i ...)
        NOT-FOR-US: LigeroSmart
 CVE-2026-2544 (A security flaw has been discovered in yued-fe LuLu UI up to 
3.0.0. Th ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[03 Apr 2026] DSA-6193-1 inetutils - security update
+       {CVE-2026-32746 CVE-2026-32772}
+       [bookworm] - inetutils 2:2.4-2+deb12u3
+       [trixie] - inetutils 2:2.6-3+deb13u3
 [02 Apr 2026] DSA-6192-1 chromium - security update
        {CVE-2026-5272 CVE-2026-5273 CVE-2026-5274 CVE-2026-5275 CVE-2026-5276 
CVE-2026-5277 CVE-2026-5278 CVE-2026-5279 CVE-2026-5280 CVE-2026-5281 
CVE-2026-5282 CVE-2026-5283 CVE-2026-5284 CVE-2026-5285 CVE-2026-5286 
CVE-2026-5287 CVE-2026-5288 CVE-2026-5289 CVE-2026-5290 CVE-2026-5291 
CVE-2026-5292}
        [bookworm] - chromium 146.0.7680.177-1~deb12u1


=====================================
data/dsa-needed.txt
=====================================
@@ -33,9 +33,6 @@ git-lfs
 --
 imagemagick/oldstable
 --
-inetutils
-  Maintainer prepared debdiff for trixie, next on bookworm
---
 isc-kea/oldstable
 --
 jackson-core



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93f67d000615b2665ba65c9fb2c579e61cea3a40

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/93f67d000615b2665ba65c9fb2c579e61cea3a40
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to