GitHub - dreamsmasher/inetutils-CVE-2019-0053-Patched-PKGBUILD: A patched Arch Linux PKGBUILD to address CVE-2019-0053 (buffer overflow). Downloads and applies a (currently) unreleased patch from upstream.

inetutils hasn't been updated in 5 years, and neither has the official Arch package. A patch has been released that addresses CVE-2019-0053 (buffer overflow exploit from the use of sprintf instead of snprintf), but there's no official release in sight.

Honestly, there's a lot more wrong with using telnet than just buffer exploits, but this was a high urgency issue that took 10 minutes to address. Waiting on a response from the official maintainers right now, but this repo will do for the meantime.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
.SRCINFO		.SRCINFO
0001-telnetd-Fix-buffer-overflows.patch		0001-telnetd-Fix-buffer-overflows.patch
0037-telnet-Validate-supplied-environment-variables.-CVE-.patch		0037-telnet-Validate-supplied-environment-variables.-CVE-.patch
PKGBUILD		PKGBUILD
README.md		README.md
inetutils.install		inetutils.install
telnetd.pam		telnetd.pam

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.SRCINFO

.SRCINFO

0001-telnetd-Fix-buffer-overflows.patch

0001-telnetd-Fix-buffer-overflows.patch

0037-telnet-Validate-supplied-environment-variables.-CVE-.patch

0037-telnet-Validate-supplied-environment-variables.-CVE-.patch

PKGBUILD

PKGBUILD

README.md

README.md

inetutils.install

inetutils.install

telnetd.pam

telnetd.pam

Repository files navigation

About

Releases

Packages

Languages

dreamsmasher/inetutils-CVE-2019-0053-Patched-PKGBUILD

Folders and files

Latest commit

History

Repository files navigation

About

Resources

Stars

Watchers

Forks

Languages