Debian Package Tracker

netatalk

Apple Filing Protocol service

general
  • source: netatalk (main)
  • version: 4.2.3~ds-1
  • maintainer: Debian Netatalk team (archive) (DMD)
  • uploaders: Daniel Markstedt [DMD] – Jonas Smedegaard [DMD]
  • arch: all any
  • std-ver: 4.7.2
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 3.1.12~ds-3
  • o-o-sec: 3.1.12~ds-3+deb10u5
  • oldstable: 3.1.12~ds-8+deb11u1
  • old-sec: 3.1.12~ds-8+deb11u2
  • testing: 4.2.1~ds-1
  • unstable: 4.2.3~ds-1
versioned links
  • 3.1.12~ds-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.1.12~ds-3+deb10u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.1.12~ds-8+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 3.1.12~ds-8+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.2.1~ds-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 4.2.3~ds-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • a2boot
  • atalkd
  • libatalk
  • libatalk-dev
  • macipgw
  • netatalk (9 bugs: 0, 8, 1, 0)
  • netatalk-doc
  • netatalk-tests
  • netatalk-tools
  • papd
  • timelord
action needed
3 security issues in buster [high]

There are 3 open security issues in buster.

3 important issues:
  • CVE-2024-38439: Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[PASSWDLEN] to '\0' in FPLoginExt in login in etc/uams/uams_pam.c.
  • CVE-2024-38440: Netatalk 3.2.0 has an off-by-one error, and resultant heap-based buffer overflow and segmentation violation, because of incorrectly using FPLoginExt in BN_bin2bn in etc/uams/uams_dhx_pam.c. The original issue 1097 report stated: 'The latest version of Netatalk (v3.2.0) contains a security vulnerability. This vulnerability arises due to a lack of validation for the length field after parsing user-provided data, leading to an out-of-bounds heap write of one byte (\0). Under specific configurations, this can result in reading metadata of the next heap block, potentially causing a Denial of Service (DoS) under certain heap layouts or with ASAN enabled. ... The vulnerability is located in the FPLoginExt operation of Netatalk, in the BN_bin2bn function found in /etc/uams/uams_dhx_pam.c ... if (!(bn = BN_bin2bn((unsigned char *)ibuf, KEYSIZE, NULL))) ... threads ... [#0] Id 1, Name: "afpd", stopped 0x7ffff4304e58 in ?? (), reason: SIGSEGV ... [#0] 0x7ffff4304e58 mov BYTE PTR [r14+0x8], 0x0 ... mov rdx, QWORD PTR [rsp+0x18] ... afp_login_ext(obj=<optimized out>, ibuf=0x62d000010424 "", ibuflen=0xffffffffffff0015, rbuf=<optimized out>, rbuflen=<optimized out>) ... afp_over_dsi(obj=0x5555556154c0 <obj>).'
  • CVE-2024-38441: Netatalk 3.2.0 has an off-by-one error and resultant heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName in afp_mapname in etc/afpd/directory.c.
Created: 2024-06-17 Last update: 2024-06-29 19:18
1 security issue in bookworm [high]

There is 1 open security issue in bookworm.

1 important issue:
  • CVE-2022-45188: Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
Created: 2022-11-13 Last update: 2022-11-14 05:14
Depends on packages which need a new maintainer [normal]
The packages that netatalk depends on which need a new maintainer are:
  • db5.3 (#1055356)
    • Depends: libdb5.3t64 libdb5.3t64
  • db-defaults (#1055344)
    • Build-Depends: libdb-dev
Created: 2023-09-18 Last update: 2025-05-29 00:05
testing migrations
  • excuses:
    • Migration status for netatalk (4.2.1~ds-1 to 4.2.3~ds-1): Waiting for test results or another package, or too young (no action required now - check later)
    • Issues preventing migration:
      • Too young, only 15 of 20 days old
    • Additional info:
      • Piuparts tested OK - https://piuparts.debian.org/sid/source/n/netatalk.html
      • autopkgtest for netatalk/4.2.3~ds-1: amd64: Pass, arm64: Pass, armel: Pass, armhf: Pass, i386: Pass, ppc64el: Pass, riscv64: Pass, s390x: Pass
      • Reproducible on amd64
      • Reproducible on arm64
      • Waiting for reproducibility test results on armhf
      • Reproducible on i386
      • not blocked: has successful autopkgtest
    • Not considered
news
[rss feed]
  • [2025-05-13] Accepted netatalk 4.2.3~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2025-04-26] netatalk 4.2.1~ds-1 MIGRATED to testing (Debian testing watch)
  • [2025-04-16] Accepted netatalk 4.2.1~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2025-04-12] Accepted netatalk 4.2.0~ds-3 (source) into unstable (Jonas Smedegaard)
  • [2025-04-12] Accepted netatalk 4.2.0~ds-2+exp (source) into experimental (Jonas Smedegaard)
  • [2025-04-08] Accepted netatalk 4.2.0~ds-2 (source) into unstable (Jonas Smedegaard)
  • [2025-04-06] Accepted netatalk 4.2.0~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2025-03-10] netatalk 4.1.2~ds-4 MIGRATED to testing (Debian testing watch)
  • [2025-03-08] Accepted netatalk 4.1.2~ds-4 (source) into unstable (Jonas Smedegaard)
  • [2025-02-25] Accepted netatalk 4.1.2~ds-3 (source) into unstable (Jonas Smedegaard)
  • [2025-02-24] Accepted netatalk 4.1.2~ds-2 (source) into unstable (Jonas Smedegaard)
  • [2025-02-15] netatalk 4.1.2~ds-1 MIGRATED to testing (Debian testing watch)
  • [2025-02-13] Accepted netatalk 4.1.2~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2025-01-28] netatalk 4.1.1~ds-1 MIGRATED to testing (Debian testing watch)
  • [2025-01-24] Accepted netatalk 4.1.1~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2025-01-16] netatalk 4.1.0~ds-1 MIGRATED to testing (Debian testing watch)
  • [2025-01-13] Accepted netatalk 4.1.0~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2024-12-20] netatalk 4.0.8~ds-1 MIGRATED to testing (Debian testing watch)
  • [2024-12-18] Accepted netatalk 4.0.8~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2024-12-08] netatalk 4.0.7~ds-2 MIGRATED to testing (Debian testing watch)
  • [2024-12-06] Accepted netatalk 4.0.7~ds-2 (source) into unstable (Jonas Smedegaard)
  • [2024-11-30] Accepted netatalk 4.0.7~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2024-11-27] Accepted netatalk 3.1.12~ds-8+deb11u2 (source) into oldstable-security (Thorsten Alteholz)
  • [2024-11-19] netatalk 4.0.6~ds-1 MIGRATED to testing (Debian testing watch)
  • [2024-11-16] Accepted netatalk 4.0.6~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2024-11-12] netatalk 4.0.5~ds-1 MIGRATED to testing (Debian testing watch)
  • [2024-11-10] Accepted netatalk 4.0.5~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2024-11-08] Accepted netatalk 4.0.4~ds-2 (source) into unstable (Jonas Smedegaard)
  • [2024-11-07] Accepted netatalk 4.0.4~ds-1 (source) into unstable (Jonas Smedegaard)
  • [2024-11-02] netatalk 4.0.3~ds-2 MIGRATED to testing (Debian testing watch)
bugs [bug history graph]
  • all: 9
  • RC: 0
  • I&N: 8
  • M&W: 1
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian
  • buildd: logs, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • debian patches
  • debci
ubuntu [Information about Ubuntu for Debian Developers]
  • version: 4.2.3~ds-1
  • 40 bugs

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers