freeipmi - Debian Package Tracker

general

source: freeipmi (main)
version: 1.6.18-1
maintainer: Fabio Fantoni (DMD) (DM)
uploaders: Bernd Zeimetz [DMD]
arch: all
std-ver: 4.7.4
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.6.6-4+deb11u1
oldstable: 1.6.10-1
old-bpo: 1.6.13-2~bpo12+1
stable: 1.6.15-1
testing: 1.6.17-1
unstable: 1.6.18-1

versioned links

1.6.6-4+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.10-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.13-2~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.15-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.17-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.18-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

freeipmi (1 bugs: 0, 1, 0, 0)
freeipmi-bmc-watchdog
freeipmi-common
freeipmi-ipmidetect
freeipmi-ipmiseld
freeipmi-tools (3 bugs: 0, 1, 2, 0)
libfreeipmi-dev
libfreeipmi17
libipmiconsole-dev
libipmiconsole2
libipmidetect-dev
libipmidetect0
libipmimonitoring-dev
libipmimonitoring6

action needed

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2026-50031: ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.

Created: 2026-06-03 Last update: 2026-06-08 11:00

2 security issues in bullseye high

There are 2 open security issues in bullseye.

1 important issue:

CVE-2026-50031: ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.

1 issue postponed or untriaged:

CVE-2026-33554: (postponed; to be fixed through a stable update) ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Three subcommands were found to have exploitable buffer overflows on response messages. They are: "ipmi-oem dell get-last-post-code - get the last POST code and string describing the error on some Dell servers," "ipmi-oem supermicro extra-firmware-info - get extra firmware info on Supermicro servers," and "ipmi-oem wistron read-proprietary-string - read a proprietary string on Wistron servers."

Created: 2026-06-03 Last update: 2026-06-08 11:00

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2025-02-15 Last update: 2026-06-08 03:01

2 low-priority security issues in trixie low

There are 2 open security issues in trixie.

2 issues left for the package maintainer to handle:

CVE-2026-33554: (needs triaging) ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Three subcommands were found to have exploitable buffer overflows on response messages. They are: "ipmi-oem dell get-last-post-code - get the last POST code and string describing the error on some Dell servers," "ipmi-oem supermicro extra-firmware-info - get extra firmware info on Supermicro servers," and "ipmi-oem wistron read-proprietary-string - read a proprietary string on Wistron servers."
CVE-2026-50031: (needs triaging) ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.

You can find information about how to handle these issues in the security team's documentation.

Created: 2026-03-24 Last update: 2026-06-08 11:00

2 low-priority security issues in bookworm low

There are 2 open security issues in bookworm.

2 issues left for the package maintainer to handle:

CVE-2026-33554: (needs triaging) ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Three subcommands were found to have exploitable buffer overflows on response messages. They are: "ipmi-oem dell get-last-post-code - get the last POST code and string describing the error on some Dell servers," "ipmi-oem supermicro extra-firmware-info - get extra firmware info on Supermicro servers," and "ipmi-oem wistron read-proprietary-string - read a proprietary string on Wistron servers."
CVE-2026-50031: (needs triaging) ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors command within FreeIPMI) and remote power control (the ipmipower command). The ipmi-oem client command implements a set of a IPMI OEM commands for specific hardware vendors. If a user has supported hardware, they may wish to use the ipmi-oem command to send a request to a server to retrieve specific information. Two subcommands "ipmi-oem dell get-active-directory-config" and "ipmi-oem fujitsu get-sel-entry-long-text" were found to have exploitable buffer overflows on response messages.

You can find information about how to handle these issues in the security team's documentation.

Created: 2026-03-24 Last update: 2026-06-08 11:00

debian/patches: 1 patch to forward upstream low

Among the 2 debian patches available in version 1.6.18-1 of the package, we noticed the following issues:

1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2026-06-08 Last update: 2026-06-08 07:34

testing migrations

excuses:
- Migration status for freeipmi (1.6.17-1 to 1.6.18-1): Waiting for test results or another package, or too young (no action required now - check later)
- Issues preventing migration:
- ∙ ∙ Autopkgtest for ipmitool/1.8.19-10.1: amd64: No tests, superficial or marked flaky ♻ (reference ♻), arm64: No tests, superficial or marked flaky ♻ (reference ♻), i386: No tests, superficial or marked flaky ♻ (reference ♻), loong64: Test triggered (failure will be ignored), ppc64el: No tests, superficial or marked flaky ♻ (reference ♻), riscv64: No tests, superficial or marked flaky ♻, s390x: No tests, superficial or marked flaky ♻
- ∙ ∙ Autopkgtest for nut/2.8.4+really-2: amd64: Pass, arm64: Pass, i386: Pass, loong64: Test triggered, ppc64el: Pass, riscv64: Pass, s390x: Pass
- ∙ ∙ Autopkgtest for prometheus-ipmi-exporter/1.10.1-1: amd64: Pass, arm64: Pass, i386: Pass, loong64: Test triggered, ppc64el: Pass, riscv64: Pass, s390x: Pass
- ∙ ∙ Autopkgtest for slurm-wlm/25.11.4-1: amd64: Pass, arm64: Pass, i386: Pass, loong64: Test triggered, ppc64el: Pass, riscv64: Pass, s390x: Pass
- ∙ ∙ Too young, only 0 of 5 days old
- Additional info (not blocking):
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/f/freeipmi.html
- ∙ ∙ Reproduced on amd64 - info
- ∙ ∙ Reproduced on arm64 - info
- ∙ ∙ Reproduced on armhf - info
- ∙ ∙ Reproduced on i386 - info
- Not considered

news

[rss feed]

[2026-06-07] Accepted freeipmi 1.6.18-1 (source) into unstable (Fabio Fantoni)
[2026-04-02] freeipmi 1.6.17-1 MIGRATED to testing (Debian testing watch)
[2026-03-27] Accepted freeipmi 1.6.17-1 (source) into unstable (Fabio Fantoni)
[2025-12-05] freeipmi 1.6.16-1 MIGRATED to testing (Debian testing watch)
[2025-11-29] Accepted freeipmi 1.6.16-1 (source) into unstable (Fabio Fantoni)
[2025-09-11] freeipmi 1.6.15-2 MIGRATED to testing (Debian testing watch)
[2025-09-06] Accepted freeipmi 1.6.15-2 (source) into unstable (Fabio Fantoni)
[2025-02-20] freeipmi 1.6.15-1 MIGRATED to testing (Debian testing watch)
[2025-02-14] Accepted freeipmi 1.6.15-1 (source) into unstable (Fabio Fantoni)
[2024-04-01] freeipmi 1.6.13-3 MIGRATED to testing (Debian testing watch)
[2024-03-25] Accepted freeipmi 1.6.13-3 (source) into unstable (Fabio Fantoni)
[2024-02-26] Accepted freeipmi 1.6.13-2~bpo12+1 (source amd64 all) into stable-backports (Debian FTP Masters) (signed by: Bernd Zeimetz)
[2024-02-03] freeipmi 1.6.13-2 MIGRATED to testing (Debian testing watch)
[2024-01-28] Accepted freeipmi 1.6.13-2 (source) into unstable (Fabio Fantoni)
[2024-01-27] Accepted freeipmi 1.6.13-1 (source) into unstable (Fabio Fantoni)
[2023-11-22] freeipmi 1.6.11-2 MIGRATED to testing (Debian testing watch)
[2023-11-17] Accepted freeipmi 1.6.11-2 (source) into unstable (Fabio Fantoni)
[2023-06-20] freeipmi 1.6.11-1 MIGRATED to testing (Debian testing watch)
[2023-06-14] Accepted freeipmi 1.6.11-1 (source) into unstable (Fabio Fantoni)
[2023-06-13] freeipmi 1.6.10-2 MIGRATED to testing (Debian testing watch)
[2023-05-14] Accepted freeipmi 1.6.10-2 (source) into unstable (Fabio Fantoni)
[2022-11-26] freeipmi 1.6.10-1 MIGRATED to testing (Debian testing watch)
[2022-11-20] Accepted freeipmi 1.6.10-1 (source) into unstable (Fabio Fantoni) (signed by: bage@debian.org)
[2022-03-24] Accepted freeipmi 1.6.9-2~bpo11+1 (source amd64 all) into bullseye-backports, bullseye-backports (Debian FTP Masters) (signed by: Bernd Zeimetz)
[2022-03-24] Accepted freeipmi 1.6.6-4+deb11u1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Bernd Zeimetz)
[2022-02-22] freeipmi 1.6.9-2 MIGRATED to testing (Debian testing watch)
[2022-02-16] Accepted freeipmi 1.6.9-2 (source) into unstable (Fabio Fantoni) (signed by: Bernd Zeimetz)
[2022-01-29] freeipmi 1.6.9-1 MIGRATED to testing (Debian testing watch)
[2022-01-23] Accepted freeipmi 1.6.9-1 (source) into unstable (Fabio Fantoni) (signed by: Bernd Zeimetz)
[2021-12-26] Accepted freeipmi 1.6.8-2 (source) into experimental (Fabio Fantoni) (signed by: bage@debian.org)

bugs [bug history graph]

all: 5
RC: 0
I&N: 3
M&W: 2
F&P: 0
patch: 0

links

homepage
lintian (0, 1)
buildd: logs, reproducibility
popcon
browse source code
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.6.16-1