[ubuntu/jammy-updates] netatalk 3.1.12~ds-9ubuntu0.22.04.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Jun 8 10:28:16 UTC 2023
netatalk (3.1.12~ds-9ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: RCE vulnerability
- debian/patches/CVE-2021-31439.patch: libatalk: apply limit checking
to DSI write offset
- CVE-2021-31439
* SECURITY UPDATE: RCE with root privileges
- debian/patches/CVE-2022-0194_23122_23123_23124_*.patch: add defines
for icon lengths, harden ad_entry(), add handling for cases where
ad_entry() returns NULL, protect against removing AFP metadata xattr,
avoid setting adouble entries on symlinks
- debian/patches/CVE-2022-23121-*.patch: apply hardening to
parse_entries()
- debian/patches/CVE-2022-23125.patch: harden copyapplfile()
- debian/patches/CVE-2022-43634.patch: fix dsi_writeinit() function
- CVE-2022-0194
- CVE-2022-23121
- CVE-2022-23122
- CVE-2022-23123
- CVE-2022-23124
- CVE-2022-23125
- CVE-2022-43634
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-45188.patch: fixes the heap-based buffer
overflow in afp_getappl()
- CVE-2022-45188
Date: 2023-06-08 05:06:06.936695+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/netatalk/3.1.12~ds-9ubuntu0.22.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list