Debian Patches

Status for netatalk/3.1.12~ds-8+deb11u1

Patch Description Author Forwarded Bugs Origin Last update
100~20160429~b30a2ba.patch Fix afpd segfault in Spotlight SPARQL parser Andrew Stormont <andyjstormont@gmail.com> yes upstream 2020-09-25
100~20180418~db60d06.patch Fix implicit declarations in become_root() and unbecome_root() Ruben Kerkhof <ruben@rubenkerkhof.com> yes upstream 2020-09-25
100~20180427~57e96d1.patch Avoid bundled libevent Ruben Kerkhof <ruben@rubenkerkhof.com> yes upstream 2020-09-28
100~20200122~32df6e1.patch fix ftbs multiple def of invalid_dircache_entries Andrew Bauer <zonexpertconsulting@outlook.com> yes debian upstream 2020-09-25
100~20200330~0235275.patch Fix use after free in get_tm_used() If get_tm_used encounters a directory
with a name ending in "sparsebundle",
and the logged-in user does not have execute permission
on that directory,
we destroy the infoplist bstring we created,
and move on to the next entry.
Unfortunately, we do not set infoplist to NULL,
and trying to bdestroy infoplist at cleanup time
causes an attempted read of bstring->slen
in a region that was freed.
.
Found with Clang's address sanitizer.		 Jose Quinteiro <github@quinteiro.org> yes upstream 2020-09-25
100~20200330~3bb7423.patch Fix garbage read in bsd_attr_list Calling memmove(3) for one byte more
than what was retrieved by extattr_list_link(2)
causes clang on FreeBSD to complain
about a heap buffer overflow
when we try to read that byte at line 362.
.
Found with Clang's address sanitizer.		 Jose Quinteiro <github@quinteiro.org> yes upstream 2020-09-25
100~20200331~fd1d016.patch Fix sign extension problem in bsd_attr_list() In FreeBSD xattr names can be up to 255 bytes long.
Reading the length byte in an attr list as a signed char
will result in negative values.
.
Noticed by Peter Rutenbar in Sourcefor bug #659.		 Jose Quinteiro <github@quinteiro.org> yes upstream 2020-09-25
101_shared_libs.patch Support linking with system shared libraries Jonas Smedegaard <dr@jones.dk> no 2019-02-14
102_python3.patch Use Python3 Jonas Smedegaard <dr@jones.dk> no 2019-02-15
103_fix_typos.patch Fix user-visible typos in log output and documentation Jonas Smedegaard <dr@jones.dk> no debian 2014-02-11
104_modernize_systemd.patch Modernize Systemd service file Declaring After=syslog.target is unnecessary:
syslog is socket-activated and will therefore be started when needed.		 Jonas Smedegaard <dr@jones.dk> no 2019-02-18
105_cross-compilation.patch Fix support cross-compilation netatalk fails to cross build from source,
because it...
a) fails detecting mysql libraries using mysql_config.
During cross compilation,
mysql_config does not work.
b) runs the build architecture compiler via dtrace.
.
This patch makes netatalk consult pkg-config before mysql_config
and supports exporting the compiler as CC environment variable.		 Helmut Grohne <helmut@subdivi.de> no debian 2020-12-16
106_fix_BerkeleyDB_multiarch_support.patch Fix detect Berkeley DB installed in multiarch location. Helmut Grohne <helmut@subdivi.de> no debian 2018-12-22
114_fix_macusers_ps_parsing.patch Fix output of macusers script for long usernames Will Aoki <waoki@umnh.utah.edu> no debian 2008-04-05
201_embedded_libs.patch Avoid locally embedded shared libraries Jonas Smedegaard <dr@jones.dk> no 2019-02-14
203_init_lsb.patch Source init-functions in init.d-script Adrian Knoth <adi@drcomp.erfurt.thur.de> no 2014-01-28
204_statedir.patch Fix use FHS-compatible state dir /var/lib/netatalk Jonas Smedegaard <dr@jones.dk> no 2019-02-15
CVE-2022-45188.patch CVE-2022-45188 Markus Koschany <apo@debian.org> no debian https://github.com/Netatalk/netatalk/commit/dfab56846e8f454fe0548347ae6437bd12a05925 2023-05-07
CVE-2022-43634.patch CVE-2022-43634 Markus Koschany <apo@debian.org> no debian https://github.com/Netatalk/netatalk/commit/5fcb4ab02aced14484310165b3d754bb2f0820ca 2023-05-07
CVE-2022-23125.patch CVE-2022-23125 Markus Koschany <apo@debian.org> no https://github.com/Netatalk/Netatalk/commit/d801ed421800bcd5df9045f7327c92cd4fc944aa 2023-05-07
CVE-2022-23121.patch CVE-2022-23121 Markus Koschany <apo@debian.org> no https://github.com/Netatalk/Netatalk/commit/62d4013c62be3b1b4a14f37057cb1c8f393c5fd1 2023-05-08
CVE-2021-31439.patch CVE-2021-31439 Markus Koschany <apo@debian.org> no https://github.com/Netatalk/Netatalk/commit/779717df2ed39b701deaf2472b42d59ff50fab7f 2023-05-08
CVE-2022-23123_part1.patch CVE-2022-23123_part1 Markus Koschany <apo@debian.org> no https://github.com/Netatalk/Netatalk/commit/a6fbccb0f2478108add188df023cfbb7428aac33 2023-05-08
CVE-2022-23123_part2.patch CVE-2022-23123_part2
This is also the fix for CVE-2022-23124, CVE-2022-23122 and CVE-2022-0194. All
parts are needed for these issues too.		 Markus Koschany <apo@debian.org> no https://github.com/Netatalk/Netatalk/commit/4a8f6c964d5ca86df27c50e50dc1b60d39c9b76d 2023-05-08
CVE-2022-23123_part3.patch CVE-2022-23123_part3 Markus Koschany <apo@debian.org> no https://github.com/Netatalk/Netatalk/commit/9d0c21298363e8174cdfca657e66c4d10819507b 2023-05-08
CVE-2022-23123_part4.patch CVE-2022-23123_part4 Markus Koschany <apo@debian.org> no https://github.com/Netatalk/Netatalk/commit/4140e5495bac42ecb9b11975229c81e84762cc98 2023-05-08
CVE-2022-23123_part5.patch CVE-2022-23123_part5 Markus Koschany <apo@debian.org> no https://github.com/Netatalk/Netatalk/commit/3ba4dacca4d15dac9c0a007bba522ecc8956a605 2023-05-08
CVE-2022-23121_regression.patch CVE-2022-23121_regression
Fix Input/output error, malformed Appledouble.		 Markus Koschany <apo@debian.org> no 2023-06-01
CVE-2022-23123_part6.patch Fix CVE-2022-23121, CVE-2022-23123 regression Daniel Markstedt <markstedt@gmail.com> no debian upstream, https://github.com/Netatalk/netatalk/commit/7dbde0ce704be7fbdb23e893e05cedced337350d
CVE-2023-42464.patch CVE-2023-42464: Validate data type in dalloc_value_for_key() Daniel Markstedt <daniel@mindani.net> no https://github.com/Netatalk/netatalk/pull/485 2023-09-19

All known versions for source package 'netatalk'

Links