diff --git a/helpers/DATA/inetutils/patch_changes/000-fix_injection_bug_with_bogus_user_names.patch b/helpers/DATA/inetutils/patch_changes/000-fix_injection_bug_with_bogus_user_names.patch
deleted file mode 100644
index 344d9ab..0000000
--- a/helpers/DATA/inetutils/patch_changes/000-fix_injection_bug_with_bogus_user_names.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From fd702c02497b2f398e739e3119bed0b23dd7aa7b Mon Sep 17 00:00:00 2001
-From: Paul Eggert
-Date: Tue, 20 Jan 2026 01:10:36 -0800
-Subject: [PATCH] Fix injection bug with bogus user names
-
-Problem reported by Kyu Neushwaistein.
-* telnetd/utility.c (_var_short_name):
-Ignore user names that start with '-' or contain shell metacharacters.
-
-Signed-off-by: Simon Josefsson
----
- telnetd/utility.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/telnetd/utility.c b/telnetd/utility.c
-index b486226e..c02cd0e6 100644
---- a/telnetd/utility.c
-+++ b/telnetd/utility.c
-@@ -1733,7 +1733,14 @@ _var_short_name (struct line_expander *exp)
- return user_name ? xstrdup (user_name) : NULL;
-
- case 'U':
-- return getenv ("USER") ? xstrdup (getenv ("USER")) : xstrdup ("");
-+ {
-+ /* Ignore user names starting with '-' or containing shell
-+ metachars, as they can cause trouble. */
-+ char const *u = getenv ("USER");
-+ return xstrdup ((u && *u != '-'
-+ && !u[strcspn (u, "\t\n !\"#$&'()*;<=>?[\\^`{|}~")])
-+ ? u : "");
-+ }
-
- default:
- exp->state = EXP_STATE_ERROR;
diff --git a/helpers/DATA/inetutils/patch_changes/001-telnetd_sanitize_all_variable_expansions.patch b/helpers/DATA/inetutils/patch_changes/001-telnetd_sanitize_all_variable_expansions.patch
deleted file mode 100644
index 8b4653c..0000000
--- a/helpers/DATA/inetutils/patch_changes/001-telnetd_sanitize_all_variable_expansions.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From ccba9f748aa8d50a38d7748e2e60362edd6a32cc Mon Sep 17 00:00:00 2001
-From: Simon Josefsson
-Date: Tue, 20 Jan 2026 14:02:39 +0100
-Subject: [PATCH] telnetd: Sanitize all variable expansions
-
-* telnetd/utility.c (sanitize): New function.
-(_var_short_name): Use it for all variables.
----
- telnetd/utility.c | 32 ++++++++++++++++++--------------
- 1 file changed, 18 insertions(+), 14 deletions(-)
-
-diff --git a/telnetd/utility.c b/telnetd/utility.c
-index c02cd0e6..b21ad961 100644
---- a/telnetd/utility.c
-+++ b/telnetd/utility.c
-@@ -1684,6 +1684,17 @@ static void _expand_cond (struct line_expander *exp);
- static void _skip_block (struct line_expander *exp);
- static void _expand_block (struct line_expander *exp);
-
-+static char *
-+sanitize (const char *u)
-+{
-+ /* Ignore values starting with '-' or containing shell metachars, as
-+ they can cause trouble. */
-+ if (u && *u != '-' && !u[strcspn (u, "\t\n !\"#$&'()*;<=>?[\\^`{|}~")])
-+ return u;
-+ else
-+ return "";
-+}
-+
- /* Expand a variable referenced by its short one-symbol name.
- Input: exp->cp points to the variable name.
- FIXME: not implemented */
-@@ -1710,13 +1721,13 @@ _var_short_name (struct line_expander *exp)
- return xstrdup (timebuf);
-
- case 'h':
-- return xstrdup (remote_hostname);
-+ return xstrdup (sanitize (remote_hostname));
-
- case 'l':
-- return xstrdup (local_hostname);
-+ return xstrdup (sanitize (local_hostname));
-
- case 'L':
-- return xstrdup (line);
-+ return xstrdup (sanitize (line));
-
- case 't':
- q = strchr (line + 1, '/');
-@@ -1724,23 +1735,16 @@ _var_short_name (struct line_expander *exp)
- q++;
- else
- q = line;
-- return xstrdup (q);
-+ return xstrdup (sanitize (q));
-
- case 'T':
-- return terminaltype ? xstrdup (terminaltype) : NULL;
-+ return terminaltype ? xstrdup (sanitize (terminaltype)) : NULL;
-
- case 'u':
-- return user_name ? xstrdup (user_name) : NULL;
-+ return user_name ?
xstrdup (sanitize (user_name)) : NULL; - - case 'U': -- { -- /* Ignore user names starting with '-' or containing shell -- metachars, as they can cause trouble. */ -- char const *u = getenv ("USER"); -- return xstrdup ((u && *u != '-' -- && !u[strcspn (u, "\t\n !\"#$&'()*;<=>?[\\^`{|}~")]) -- ? u : ""); -- } -+ return xstrdup (sanitize (getenv ("USER"))); - - default: - exp->state = EXP_STATE_ERROR; diff --git a/helpers/make-inetutils b/helpers/make-inetutils index f21bbe4..015b366 100644 --- a/helpers/make-inetutils +++ b/helpers/make-inetutils @@ -17,6 +17,7 @@ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA # +BUILD_UNTIL=12.0 VERSION=0 . ./config @@ -25,8 +26,9 @@ VERSION=0 # Applying these patches is a proactive mitigation effort for known issues and does not # endorse continued use of telnetd. The patch co-author recommends deprecating it. -apply_patch_changes +# Remove patch now applied upstream -changelog "Apply security patches to mitigate known issues proactively; telnetd is not recommended: avoid in production." +changelog "Restore build to upstream changes +Apply security patches to mitigate known issues proactively; telnetd is not recommended: avoid in production." package
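Review bot: Nothing in the second `helpers/make-inetutils` hunk confirms that the source being built already carries the telnetd variable-expansion fix once `apply_patch_changes` is dropped, so a build against a source tree that predates the upstream fix would ship telnetd without the mitigation and without any failure. A fail-closed guard ahead of `changelog` would catch that, for example `grep -q 'sanitize (getenv ("USER"))' telnetd/utility.c || { echo "telnetd sanitize fix missing" >&2; exit 1; }`; the path is taken from the removed patch and is assumed to be relative to the unpacked source tree. The retained comment starting `# Applying these patches is a proactive mitigation effort` and the kept changelog sentence `Apply security patches to mitigate known issues proactively` both still describe local patching, so they should be reworded to say the fix now comes from upstream. How `BUILD_UNTIL=12.0` in the first hunk bounds the releases this helper runs for is defined in `./config`, outside the hunk, so whether every release it still covers has the fixed upstream version cannot be confirmed from here.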