diff --git a/tcpd-check-finger-presence.patch b/tcpd-check-finger-presence.patch
new file mode 100644
index 0000000..093b0d0
--- /dev/null
+++ b/tcpd-check-finger-presence.patch
@@ -0,0 +1,31 @@
+Index: tcp_wrappers_7.6/safe_finger.c
+===================================================================
+--- tcp_wrappers_7.6.orig/safe_finger.c
++++ tcp_wrappers_7.6/safe_finger.c
+@@ -32,12 +32,10 @@ static char sccsid[] = "@(#) safe_finger
+ 
+ /* Local stuff */
+ 
+-char    path[] = "PATH=/bin:/usr/bin:/usr/sbin";
+-
+ #define	TIME_LIMIT	60		/* Do not keep listinging forever */
+ #define	INPUT_LENGTH	100000		/* Do not keep listinging forever */
+ #define	LINE_LENGTH	128		/* Editors can choke on long lines */
+-#define	FINGER_PROGRAM	"finger"	/* Most, if not all, UNIX systems */
++#define	FINGER_PROGRAM	"/usr/bin/finger"	/* Most, if not all, UNIX systems */
+ #define	UNPRIV_NAME	"nobody"	/* Preferred privilege level */
+ #define	UNPRIV_UGID	32767		/* Default uid and gid */
+ 
+@@ -76,9 +74,9 @@ int main(int argc, char **argv)
+     /*
+      * Redirect our standard input through the raw finger command.
+      */
+-    if (putenv(path)) {
+-	fprintf(stderr, "%s: putenv: out of memory", argv[0]);
+-	exit(1);
++    if (access(FINGER_PROGRAM, X_OK) != 0) {
++	printf("Can not execute " FINGER_PROGRAM ". Please install 'finger' package.\n");
++        return 1;
+     }
+     argv[0] = FINGER_PROGRAM;
+     finger_pid = pipe_stdin(argv);
diff --git a/tcpd.changes b/tcpd.changes
index 36677a1..aeb3def 100644
--- a/tcpd.changes
+++ b/tcpd.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Jun 30 09:17:56 UTC 2025 - pgajdos@suse.com
+
+- readd safe_finger [bsc#1241401]
+- added patches
+  check whether finger is present
+  + tcpd-check-finger-presence.patch
+
 -------------------------------------------------------------------
 Tue Apr 22 11:20:12 UTC 2025 - pgajdos@suse.com
 
diff --git a/tcpd.spec b/tcpd.spec
index f562140..f9da1e8 100644
--- a/tcpd.spec
+++ b/tcpd.spec
@@ -66,6 +66,8 @@ Patch33:        tcp_wrappers_%{version}-ipv6-mapped-v4.patch
 Patch34:        tcp_wrappers_%{version}-ipv6.fix.fix3.diff
 Patch35:        tcp_wrappers_%{version}-gcc14.patch
 Patch36:        tcp_wrappers_%{version}-gcc15.patch
+# check whether finger is present
+Patch37:        tcpd-check-finger-presence.patch
 BuildRequires:  linux-kernel-headers
 Provides:       nkitb:%{_sbindir}/tcpd
 # bug437293
@@ -141,6 +143,7 @@ to compile and link programs against the TCP wrapper library.
 %patch -P 34
 %patch -P 35 -p1
 %patch -P 36 -p1
+%patch -P 37 -p1
 
 %build
 %global _lto_cflags %{_lto_cflags} -ffat-lto-objects
@@ -154,7 +157,7 @@ install -d -m 755 %{buildroot}%{_sbindir}
 install -d -m 755 %{buildroot}%{_mandir}/man{1,3,5,8}
 install -m 644 ip6utils.h tcpd.h %{buildroot}%{_includedir}
 install -m 644 libwrap.a %{buildroot}/%{_libdir}
-install -m 755 tcpd tcpdchk tcpdmatch try-from %{buildroot}%{_sbindir}
+install -m 755 safe_finger tcpd tcpdchk tcpdmatch try-from %{buildroot}%{_sbindir}
 install -m 644 hosts_access.3 %{buildroot}%{_mandir}/man3
 install -m 644 hosts_access.5 hosts_options.5 %{buildroot}%{_mandir}/man5
 install -m 644 tcpd.8 tcpdchk.8 tcpdmatch.8 %{buildroot}%{_mandir}/man8