Описание
Security update for netatalk
This update for netatalk fixes the following issues:
- CVE-2022-45188: Fixed heap-based buffer overflow in afp_getappl() (bsc#1205393).
Список пакетов
SUSE Linux Enterprise Software Development Kit 12 SP5
libatalk12-3.1.0-3.11.1
netatalk-3.1.0-3.11.1
netatalk-devel-3.1.0-3.11.1
SUSE Linux Enterprise Workstation Extension 12 SP5
libatalk12-3.1.0-3.11.1
netatalk-3.1.0-3.11.1
Ссылки
- Link for SUSE-SU-2022:4360-1
- E-Mail link for SUSE-SU-2022:4360-1
- SUSE Security Ratings
- SUSE Bug 1205393
- SUSE CVE CVE-2022-45188 page
Описание
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:libatalk12-3.1.0-3.11.1
SUSE Linux Enterprise Software Development Kit 12 SP5:netatalk-3.1.0-3.11.1
SUSE Linux Enterprise Software Development Kit 12 SP5:netatalk-devel-3.1.0-3.11.1
SUSE Linux Enterprise Workstation Extension 12 SP5:libatalk12-3.1.0-3.11.1
Ссылки
- CVE-2022-45188
- SUSE Bug 1205393