-
netatalk (3.1.12~ds-9ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: RCE vulnerability
- debian/patches/CVE-2021-31439.patch: libatalk: apply limit checking
to DSI write offset
- CVE-2021-31439
* SECURITY UPDATE: RCE with root privileges
- debian/patches/CVE-2022-0194_23122_23123_23124_*.patch: add defines
for icon lengths, harden ad_entry(), add handling for cases where
ad_entry() returns NULL, protect against removing AFP metadata xattr,
avoid setting adouble entries on symlinks
- debian/patches/CVE-2022-23121-*.patch: apply hardening to
parse_entries()
- debian/patches/CVE-2022-23125.patch: harden copyapplfile()
- debian/patches/CVE-2022-43634.patch: fix dsi_writeinit() function
- CVE-2022-0194
- CVE-2022-23121
- CVE-2022-23122
- CVE-2022-23123
- CVE-2022-23124
- CVE-2022-23125
- CVE-2022-43634
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-45188.patch: fixes the heap-based buffer
overflow in afp_getappl()
- CVE-2022-45188
-- Nishit Majithia <email address hidden> Thu, 08 Jun 2023 10:01:09 +0530
-
netatalk (3.1.12~ds-9build1) jammy; urgency=medium
* No-change rebuild against libssl3
-- Steve Langasek <email address hidden> Wed, 08 Dec 2021 23:42:12 +0000
-
netatalk (3.1.12~ds-9) unstable; urgency=medium
* update copyright info:
+ fix typo in comment
+ improve source script copyright-check
+ update copyright info: use Reference field (not License-Reference);
tighten lintian overrides
* declare compliance with Debian Policy 4.6.0
* use debhelper compatibility level 13 (not 12)
* generate up-to-date unicode casefolding code during build;
build-depend on unicode-data
-- Jonas Smedegaard <email address hidden> Mon, 13 Sep 2021 20:12:07 +0200
