There is 1 open security issue in bullseye.
1 issue left for the package maintainer to handle:
- CVE-2023-40303:
(needs triaging)
GNU inetutils through 2.4 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.
You can find information about how to handle this issue in the security team's documentation.