[SECURITY] [DSA 5503-1] netatalk security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5503-1] netatalk security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 20 Sep 2023 17:47:57 +0000
Message-id: <[🔎] ZQswTcf4iL2RVkaX@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5503-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 20, 2023                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : netatalk
CVE ID         : CVE-2021-31439 CVE-2022-0194 CVE-2022-23121 CVE-2022-23122 
                 CVE-2022-23123 CVE-2022-23124 CVE-2022-23125 CVE-2022-43634 
                 CVE-2022-45188 CVE-2023-42464
Debian Bug     : 1051066

Multiple security issues were discovered in Netatalk, an implementation
of the Apple Filing Protocol (AFP) for offering file service (mainly) to
macOS clients, which may result in the execution of arbitrary code or
information disclosure.
  
For the oldstable distribution (bullseye), these problems have been fixed
in version 3.1.12~ds-8+deb11u1.

We recommend that you upgrade your netatalk packages.

For the detailed security status of netatalk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/netatalk

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmULMA8ACgkQEMKTtsN8
TjYw9xAArA2NN4zvH7wC6Itn5ry9kZhQS4BhkCk10WXd0L77k2qzRRTMMw9OBmNn
Lk5w3/9oJhqBmtNkLerfBCSMA1aQFQfWOefJnywY/2lYYSS6Uc18Xze78CW4w2O1
/EkK836N6vSVuptjlcvTFGc61XUpbaZJ8CN4ipb2A0tNgp7Ja+Hrz4RgnrS2ppKP
gmNuZ5iDcX9N9PohNPTnHc4jQkRscuPN1lsPDrc0OP4E2V7oFm8G7EKexO9BtREq
eznaj0Bkcbvddquqz4dnPXOYjkXzoedvGYmI2J5EigIiBMNugL02zExbuhVCmVNl
it29LDVAbgNpPgbUi9NRRe9EMXHI+XFgp/xB34jtyq3617SBPLelLBP/e41Bqnua
E8C+37uxvIcSgbVibpzhtHkiXTffOpqR3mduXG/VrbuvqO7yzw1sjXrks867wV1Q
rQPbX1O99sY+wg69jdyS/QTUQYHkDSGW2Ud+9u7Pv6Bkh/ibXIxHcNiWKaE2LPJi
a8mWurmV/r4l325E09jJGxZON4CKiU50+FMKLi8Eo+uXdKDL+dyey9GQBBWQIU0n
zg4oJQ/59oGnTib2C52hyZU6xtQbdCceqP2M+4/x75xtCkR5pLcvTnDqRBvnyYBv
REbFCz3X46cdxzkbeu/SQWIBLAGXv7yktz8YX8y5Q6h4798FpVY=
=jmG2
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5502-1] xrdp security update
Next by Date: [SECURITY] [DSA 5504-1] bind9 security update
Previous by thread: [SECURITY] [DSA 5502-1] xrdp security update
Next by thread: [SECURITY] [DSA 5504-1] bind9 security update
Index(es):
- Date
- Thread