Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
PUBLIC_REPOS
/
buildroot
kopia lustrzana git://git.buildroot.net/buildroot
2
1
Forkuj 0
Pliki
Przeglądaj źródła

package/netatalk: security bump to version 3.1.19

Fixes the following security issues:

CVE-2024-38439: Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer overflow because of setting ibuf[PASSWDLEN] to '\0' in
FPLoginExt in login in etc/uams/uams_pam.c.

https://github.com/advisories/GHSA-pcmr-ff73-xcj5

CVE-2024-38440: Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer overflow because of incorrectly using FPLoginExt in
BN_bin2bn in etc/uams/uams_dhx_pam.c.

https://github.com/advisories/GHSA-52mm-rqxx-gfq6

CVE-2024-38441: Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer overflow because of setting ibuf[len] to '\0' in FPMapName
in afp_mapname in etc/afp/directory.c.

https://github.com/advisories/GHSA-j764-4v6h-pqp7

Release notes:
https://github.com/Netatalk/netatalk/releases/tag/netatalk-3-1-19

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Peter Korsgaard 7 miesięcy temu
rodzic
e675ffd964
commit
9ab704699e
2 zmienionych plików z 5 dodań i 5 usunięć
Widok podzielony Pokaż statystyki zmian
  1. 4 4
      package/netatalk/netatalk.hash
  2. 1 1
      package/netatalk/netatalk.mk

+ 4 - 4
package/netatalk/netatalk.hash
Wyświetl plik 

@@ -1,7 +1,7 @@
 
-# From http://sourceforge.net/projects/netatalk/files/netatalk/3.1.18/
 
-md5  b1caff4e1da534d8ca57d688c7fa3ce1  netatalk-3.1.18.tar.xz
 
-sha1  cbd92c95d04cfd4a9f49977970501a623310c2d9  netatalk-3.1.18.tar.xz
 
+# From http://sourceforge.net/projects/netatalk/files/netatalk/3.1.19/
 
+md5  4861f0c2450ac7a6094e51090e6fdc75  netatalk-3.1.19.tar.xz
 
+sha1  16900b3b14da9c2f40e1267ecb3e68021cc794b0  netatalk-3.1.19.tar.xz
 
 # Locally computed
 
-sha256  3941effcc2c4e0dceecabc763fbb8478a2f2fbe0af4a6314983cfea452df8d47  netatalk-3.1.18.tar.xz
 
+sha256  433fa87ac23bc18a9acb0769b4f7f4047eeb14e02e0607ecd3a051c31859164f  netatalk-3.1.19.tar.xz
 
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
 
 sha256  7599ae145e53be03a08f8b558b2f2e0c828e1630f1843cc04f41981b8cefcd65  COPYRIGHT

+ 1 - 1
package/netatalk/netatalk.mk
Wyświetl plik 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-NETATALK_VERSION = 3.1.18
 
+NETATALK_VERSION = 3.1.19
 
 NETATALK_SITE = http://downloads.sourceforge.net/project/netatalk/netatalk-$(subst .,-,$(NETATALK_VERSION))
 
 NETATALK_SOURCE = netatalk-$(NETATALK_VERSION).tar.xz
 
 NETATALK_CONFIG_SCRIPTS = netatalk-config