| Package | inetutils |
|---|---|
| Version | 2:1.9.4-2+deb9u3 (stretch) |
| Related CVEs | CVE-2019-0053 CVE-2023-40303 |
Two vulnerabilities were fixed in inetutils, the GNU network utilities.
CVE-2019-0053
Insufficient validation of environment variables in telnet
CVE-2023-40303
Possible privilege escalation in ftpd, rcp, rlogin, rsh, rshd, and uucpd when a set*id() family function like setuid() fails
For Debian 9 stretch, these problems have been fixed in version 2:1.9.4-2+deb9u3.
We recommend that you upgrade your inetutils packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.