Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted netatalk 3.1.12~ds-8+deb11u2 (source) into oldstable-security
Date: Wed, 27 Nov 2024 23:20:21 +0000
Signed by: Thorsten Alteholz <alteholz@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 27 Nov 2024 22:03:02 +0100
Source: netatalk
Architecture: source
Version: 3.1.12~ds-8+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Netatalk team <pkg-netatalk-devel@lists.alioth.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Changes:
 netatalk (3.1.12~ds-8+deb11u2) bullseye-security; urgency=high
 .
   [ Daniel Markstedt ]
   * CVE-2022-22995
     Harden create_appledesktop_folder.
   * CVE-2024-38439, CVE-2024-38440, CVE-2024-38441
     Harden user login by:
     + Check that input buffer can accommodate null terminator
     + Input buffer null pointer and length checks
Checksums-Sha1:
 62e9a81e9d2d30de8387060a579fa001b55b8fb0 2670 netatalk_3.1.12~ds-8+deb11u2.dsc
 b4e12fc53620fd2a5a2cf870b0cdb623dd1ea939 72016 netatalk_3.1.12~ds-8+deb11u2.debian.tar.xz
 997858476b587b5473c4195100cc74bfa7af3098 11193 netatalk_3.1.12~ds-8+deb11u2_amd64.buildinfo
Checksums-Sha256:
 bfe09e0c1fd84a52e1f136faf0c3f078c34570399a6369d123f9d5f15ccc8f0c 2670 netatalk_3.1.12~ds-8+deb11u2.dsc
 b95b789606d30489046fceb9f0c055d9c2ac9abf1ebfa59c0a1b3f7455313aa0 72016 netatalk_3.1.12~ds-8+deb11u2.debian.tar.xz
 b878dcae307adf9c401d699a0102144e6f60a9d74b465a85b3d2ab49cb0e90e2 11193 netatalk_3.1.12~ds-8+deb11u2_amd64.buildinfo
Files:
 db3cfa03cf41116cbb79eeed1d24b98b 2670 net optional netatalk_3.1.12~ds-8+deb11u2.dsc
 ed961febf679518854f29d1feda0ae99 72016 net optional netatalk_3.1.12~ds-8+deb11u2.debian.tar.xz
 e76d575daaf23850e3a87308e213db1f 11193 net optional netatalk_3.1.12~ds-8+deb11u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmdHpIRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR0TXD/9ItCePznA3o8fLwSwFY7t36KuvZYHJ
+oywWp/Q4BI/FCWfNnS+UeW/Qarg354PGgz06GuuTqekmifIsnBBswjTHqI9SsZZ
OO3z7c4lpVaBcM6lDGvHoB74yzx/k3Q6irLI9kerPbixbk5ahFYKJ3yKJrs+4vaf
k2dcnHjdPMTK+wmqaHvxJ31MYS4PrXakUS/jkWCKuNS94s5WutUs/4BKYQ5K2iCm
d6KCaMkaA4hgeNCzGC11X0gd13GYlW78Pbw9UTbvJBOxbitDrjXmnbl+VkClDeAM
fN8/OENAqZ6ODEa+AXTEpz8MVR0cCkEqmOy0NPMQZXqZwVjpp1GvnTsqJr3TGcUu
4Z3V0lSBD3N2dJLhgMTyRFgsMrhkUwahI0l1/XujyVDEZPhY5A4Y8n6NByMiYPA4
0/iaKVpG5D8LZ0PFXxL2x675tLQn+mS0VVTeTE3AobMRkLjVikfQnysvOusfZ3O5
OyF84Jh2qwaj8GsvlIu7shSe2QHFXNXNorBonl/RFhC98JpvEhQ7HXv+53cJVJVj
EBq15txnJRz2bwuWWo91hoXx8gmGC1yu56uM2d6k7WaLfc5W454ajkwQKKjdl5pc
HNsWTefn2l4dliMHNqiu+dr+Q1UaJNzSa6PkwQoEaGgXTg78ypql/AVZz/zkGTeH
hPUEgySfvJ+QGw==
=wkfW
-----END PGP SIGNATURE-----

News for package netatalk