Summary: | <net-fs/netatalk-3.1.17: remote code execution | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | blocker | CC: | maintainer-needed, Xeha |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=915354 | ||
Whiteboard: | B0 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 915632 | ||
Bug Blocks: |
Description
John Helmert III
2022-11-13 23:07:55 UTC
This is fixed in 3.1.15: https://github.com/Netatalk/netatalk/releases/tag/netatalk-3-1-15 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=53b4d537e4b7ebb3ea8a61abfff6fe52d4eadc99 commit 53b4d537e4b7ebb3ea8a61abfff6fe52d4eadc99 Author: Hans de Graaff <graaff@gentoo.org> AuthorDate: 2023-10-04 17:02:00 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2023-10-04 17:03:05 +0000 net-fs/netatalk: add 3.1.17 Bug: https://bugs.gentoo.org/837623 Bug: https://bugs.gentoo.org/881259 Closes: https://bugs.gentoo.org/829098 Signed-off-by: Hans de Graaff <graaff@gentoo.org> net-fs/netatalk/Manifest | 1 + .../netatalk-3.1.17-disable-ld-library-path.patch | 34 ++++ net-fs/netatalk/files/netatalk-3.1.17-gentoo.patch | 112 ++++++++++++++ net-fs/netatalk/netatalk-3.1.17.ebuild | 172 +++++++++++++++++++++ 4 files changed, 319 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=c9c5667418b482993cc73092e63caaffa8554c8f commit c9c5667418b482993cc73092e63caaffa8554c8f Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-11-01 14:46:24 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2023-11-01 14:46:58 +0000 [ GLSA 202311-02 ] Netatalk: Multiple Vulnerabilities including root remote code execution Bug: https://bugs.gentoo.org/837623 Bug: https://bugs.gentoo.org/881259 Bug: https://bugs.gentoo.org/915354 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202311-02.xml | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) |