Here are the details from the Slackware 15.0 ChangeLog: patches/packages/telnet-0.17-i586-7_slack15.0.txz: Rebuilt. This update fixes a security issue: The nextitem() function in telnetd/utility.c has no bounds checking in the SB (suboption) case. The for(;;) loop scans past nfrontp into uncontrolled memory. This can be exploited by an unauthenticated remote attacker to execute arbitrary code on the server running telnetd. Please note that while telnet itself is a useful utility for network testing, telnetd is a legacy application which should generally not be used. If it is used, it should be used only on isolated networks where there is no expectation of security. Thanks to r1w1s1. For more information, see: https://www.cve.org/CVERecord?id=CVE-2020-10188 (* Security fix *)
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.
Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/telnet-0.17-i586-7_slack15.0.txz
Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/telnet-0.17-x86_64-7_slack15.0.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/telnet-0.17-i686-8.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/telnet-0.17-x86_64-8.txz
Slackware 15.0 package:
10eb364f2d249ba78d42246d930b3508 telnet-0.17-i586-7_slack15.0.txz
Slackware x86_64 15.0 package:
ba5efc35508d71ba7b4a6ddddeb6437d telnet-0.17-x86_64-7_slack15.0.txz
Slackware -current package:
4ec614b7b2b62d09c7fcd3d06f0534ad n/telnet-0.17-i686-8.txz
Slackware x86_64 -current package:
919b8efee781d7ab4b5587d8e0457368 n/telnet-0.17-x86_64-8.txz
Get the latest Linux and open source security news straight to your inbox.
Installation instructions: Upgrade the package as root: # upgradepkg telnet-0.17-i586-7_slack15.0.txz