What Are You Looking For?

Popular Tags

Sign Up

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  netatalk (SSA:2023-261-01)

New netatalk packages are available for Slackware 14.1, 14.2, 15.0, and -current
to fix a security issue.


Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/netatalk-3.1.17-i586-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and a security issue:
  Validate data type in dalloc_value_for_key(). This flaw could allow a
  malicious actor to cause Netatalk's afpd daemon to crash, or possibly to
  execute arbitrary code.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-42464
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/netatalk-3.1.17-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/netatalk-3.1.17-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/netatalk-3.1.17-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/netatalk-3.1.17-x86_64-1_slack14.2.txz

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/netatalk-3.1.17-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/netatalk-3.1.17-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/netatalk-3.1.17-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/netatalk-3.1.17-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 14.1 package:
6d44efba42b454e6d1e72228c7dbfaef  netatalk-3.1.17-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
12ce22c0affcf5427896bcaf9e470353  netatalk-3.1.17-x86_64-1_slack14.1.txz

Slackware 14.2 package:
8d40f2b3804b539e7a212cea13e686a4  netatalk-3.1.17-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
6f112bfc903082daa48edc53c0cdc252  netatalk-3.1.17-x86_64-1_slack14.2.txz

Slackware 15.0 package:
a4254d295ab952ebcc6c3304283e685d  netatalk-3.1.17-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
fac40713001dcfdd358a5a3d71954f8e  netatalk-3.1.17-x86_64-1_slack15.0.txz

Slackware -current package:
326bb249553923a39080cf2c0ff454e1  n/netatalk-3.1.17-i586-1.txz

Slackware x86_64 -current package:
436ec49d3a5a5150cd1892c8e9503b58  n/netatalk-3.1.17-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg netatalk-3.1.17-i586-1_slack15.0.txz


+-----+

Slackware: 2023-261-01: netatalk Security Update

September 18, 2023
New netatalk packages are available for Slackware 14.1, 14.2, 15.0, and -current to fix a security issue

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/netatalk-3.1.17-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and a security issue: Validate data type in dalloc_value_for_key(). This flaw could allow a malicious actor to cause Netatalk's afpd daemon to crash, or possibly to execute arbitrary code. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-42464 (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on https://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/netatalk-3.1.17-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/netatalk-3.1.17-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/netatalk-3.1.17-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/netatalk-3.1.17-x86_64-1_slack14.2.txz
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/netatalk-3.1.17-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/netatalk-3.1.17-x86_64-1_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/netatalk-3.1.17-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/netatalk-3.1.17-x86_64-1.txz

MD5 Signatures

Slackware 14.1 package: 6d44efba42b454e6d1e72228c7dbfaef netatalk-3.1.17-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 12ce22c0affcf5427896bcaf9e470353 netatalk-3.1.17-x86_64-1_slack14.1.txz
Slackware 14.2 package: 8d40f2b3804b539e7a212cea13e686a4 netatalk-3.1.17-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 6f112bfc903082daa48edc53c0cdc252 netatalk-3.1.17-x86_64-1_slack14.2.txz
Slackware 15.0 package: a4254d295ab952ebcc6c3304283e685d netatalk-3.1.17-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: fac40713001dcfdd358a5a3d71954f8e netatalk-3.1.17-x86_64-1_slack15.0.txz
Slackware -current package: 326bb249553923a39080cf2c0ff454e1 n/netatalk-3.1.17-i586-1.txz
Slackware x86_64 -current package: 436ec49d3a5a5150cd1892c8e9503b58 n/netatalk-3.1.17-x86_64-1.txz

Severity
[slackware-security] netatalk (SSA:2023-261-01)
New netatalk packages are available for Slackware 14.1, 14.2, 15.0, and -current to fix a security issue.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg netatalk-3.1.17-i586-1_slack15.0.txz

Related News

Severe Chromium DoS, Info Disclosure Vulns Fixed

Sep 30, 2023

Critical Node.js Info Disclosure, Code Execution Bugs Fixed

Sep 23, 2023

GitHub Makes Passkeys Security Feature Available to All

Sep 27, 2023

Remotely Exploitable Poppler DoS Bugs Fixed - Update Now!

Sep 22, 2023

News

Advisories

HOWTOs

Features

Guide To Tackling Network Programming Assignments On Linux
Guide To Software Security Testing On Linux
Everything You Need to Know About Linux Proxy Servers
Simple Steps for Identifying & Troubleshooting a Kernel Panic
Linux Endpoint Detection and Response (EDR): A Crucial Part of a Successful Cybersecurity Strategy

About Us

Powered By

Footer Logo

Feedback