Source: netatalk X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security
Hi, The following vulnerability was published for netatalk. CVE-2022-45188[0]: | Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow | resulting in code execution via a crafted .appl file. This provides | remote root access on some platforms such as FreeBSD (used for | TrueNAS). https://rushbnt.github.io/bug%20analysis/netatalk-0day/ If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-45188 https://www.cve.org/CVERecord?id=CVE-2022-45188 Please adjust the affected versions in the BTS as needed.
