inetutils: 2.3 -> 2.4 · pyrox.dev/nixpkgs@ab3e70a

lol

inetutils: 2.3 -> 2.4

```
GNU inetutils NEWS -- history of user-visible changes.

* Noteworthy changes in release 2.4 (2022-10-25) [stable]

** ifconfig

*** Support specifying prefix netmask lengths in -A.
Patch by Samuel Thibault <samuel.thibault@gnu.org>.

** Hurd: tell pfinet translator interfaces to configure
Patch by Samuel Thibault <samuel.thibault@gnu.org>.

** ftp

*** Avoid crash caused by signed integer overflow resulting in
out-of-bounds buffer access. Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00003.html>.

*** Avoid crash caused by heap buffer overflow. Reported by ZFeiXQ in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00016.html>.

*** Avoid crash caused by NULL pointer dereference. Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00004.html>.

*** Avoid crash caused by infinite macro recursion. Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00005.html>.

** telnetd

*** Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL). CVE-2022-39028
https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html

** telnet

*** Fix a buffer overflow problem. CVE-2019-0053
https://cgit.freebsd.org/src/commit/?id=14aab889f4e50072a6b914eb95ebbfa939539dad

** tftp

*** Avoid crashing when given unexpected or invalid commands from tty.
Reported by AiDai in
<https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00018.html>.

** Various bugs fixes, internal improvements and clean ups.
Update of gnulib and build fixes for C23.
```

authored by

Thomas Gerbet and committed by

ehmry 3 years ago ab3e70ae d980d354

+3 -8

1 changed file

expand all

pkgs

tools

networking

inetutils

default.nix

+3 -8

pkgs/tools/networking/inetutils/default.nix

··· 1 1 { stdenv, lib, fetchurl, ncurses, perl, help2man 2 - , apparmorRulesFromClosure, fetchpatch 2 + , apparmorRulesFromClosure 3 3 }: 4 4 5 5 stdenv.mkDerivation rec { 6 6 pname = "inetutils"; 7 - version = "2.3"; 7 + version = "2.4"; 8 8 9 9 src = fetchurl { 10 10 url = "mirror://gnu/${pname}/${pname}-${version}.tar.xz"; 11 - sha256 = "sha256-CwG7COKWI8TjuUDyM8lhRR2a+MUGYwGt12pSqV1Rdyw="; 11 + sha256 = "sha256-F4nWsbGlff4qere1M+6fXf2cv1tZuxuzwmEu0I0PaLI="; 12 12 }; 13 13 14 14 outputs = ["out" "apparmor"]; ··· 16 16 patches = [ 17 17 # https://git.congatec.com/yocto/meta-openembedded/commit/3402bfac6b595c622e4590a8ff5eaaa854e2a2a3 18 18 ./inetutils-1_9-PATH_PROCNET_DEV.patch 19 - (fetchpatch { 20 - name = "CVE-2022-39028.patch"; 21 - url = "https://sources.debian.org/data/main/i/inetutils/2%3A2.3-5/debian/patches/inetutils-telnetd-EC_EL_null_deref.patch"; 22 - sha256 = "sha256-NYNDbEk3q3EhQdJaR12JBbnjJIRRpOcKLBF/EJJPiGU="; 23 - }) 24 19 ]; 25 20 26 21 nativeBuildInputs = [ help2man perl /* for `whois' */ ];