Security Information / 2023 / Security Information -- DSA-5503-1 netatalk

Debian Security Advisory

DSA-5503-1 netatalk -- security update

Date Reported:

20 Sep 2023

Affected Packages:

netatalk

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 1051066.
In Mitre's CVE dictionary: CVE-2021-31439, CVE-2022-0194, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123, CVE-2022-23124, CVE-2022-23125, CVE-2022-43634, CVE-2022-45188, CVE-2023-42464.

More information:

Multiple security issues were discovered in Netatalk, an implementation of the Apple Filing Protocol (AFP) for offering file service (mainly) to macOS clients, which may result in the execution of arbitrary code or information disclosure.

For the oldstable distribution (bullseye), these problems have been fixed in version 3.1.12~ds-8+deb11u1.

We recommend that you upgrade your netatalk packages.

For the detailed security status of netatalk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/netatalk