Ubuntu
netatalk package

netatalk 3.1.12~ds-9ubuntu0.22.04.1 source package in Ubuntu

Changelog

netatalk (3.1.12~ds-9ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: RCE vulnerability
    - debian/patches/CVE-2021-31439.patch: libatalk: apply limit checking
      to DSI write offset
    - CVE-2021-31439
  * SECURITY UPDATE: RCE with root privileges
    - debian/patches/CVE-2022-0194_23122_23123_23124_*.patch: add defines
      for icon lengths, harden ad_entry(), add handling for cases where
      ad_entry() returns NULL, protect against removing AFP metadata xattr,
      avoid setting adouble entries on symlinks
    - debian/patches/CVE-2022-23121-*.patch: apply hardening to
      parse_entries()
    - debian/patches/CVE-2022-23125.patch: harden copyapplfile()
    - debian/patches/CVE-2022-43634.patch: fix dsi_writeinit() function
    - CVE-2022-0194
    - CVE-2022-23121
    - CVE-2022-23122
    - CVE-2022-23123
    - CVE-2022-23124
    - CVE-2022-23125
    - CVE-2022-43634
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-45188.patch: fixes the heap-based buffer
      overflow in afp_getappl()
    - CVE-2022-45188

 -- Nishit Majithia <email address hidden>  Thu, 08 Jun 2023 10:01:09 +0530

Upload details

Uploaded by:
Nishit Majithia
Uploaded to:
Jammy
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
netatalk_3.1.12~ds.orig.tar.xz 1.3 MiB fd1161dc17e3263f27204b6589045d56173d13c8e308311b09a6e0a7d1f1ca96
netatalk_3.1.12~ds-9ubuntu0.22.04.1.debian.tar.xz 68.1 KiB 8f3b1789dbb9c3eb5e1c4c2e13755b3ee44eff38968533aa441f838b83c3f5f1
netatalk_3.1.12~ds-9ubuntu0.22.04.1.dsc 2.4 KiB 46c59abcc2ad9087d0bd4682c93036dcefc9e0dc1a30d1501341b4ae188f9ba6

View changes file

Binary packages built by this source

netatalk: Apple Filing Protocol service

 Netatalk is an implementation of the Apple Filing Protocol (AFP),
 for offering file service (mainly) to macOS clients.
 .
 Compared to the Windows-native SMB protocol
 (which is also supported on macOS),
 the Macintosh-native AFP protocol is accessible from a different network,
 can be simpler to setup and faster for some operations
 (e.g. server-to-server copying),
 and some features (e.g. the backup service Time Machine)
 may work more reliably than over SMB.
 .
 This package contains all daemon and utility programs
 as well as Netatalk's libraries.

netatalk-dbgsym: debug symbols for netatalk