From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH] netatalk: update to 3.1.13 Date: Mon, 22 Aug 2022 06:18:54 +0000 Message-ID: <2d34f4ee-d1bc-dffd-8b1f-4ae2a39602d7@ipfire.org> In-Reply-To: <7D4055BC-CABB-48A5-938B-D83B16F6464C@gmail.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6803065699614990048==" List-Id: --===============6803065699614990048== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello Jon, thank you for testing this and reporting back. I have just reverted your patch (https://git.ipfire.org/?p=3Dipfire-2.x.git;a= =3Dcommit;h=3D0e8a17b2d1a7e61ebb1e25b384526c44acc1f7a0), and will update the changelog for Core Update 170 in due course. All the best, Peter M=C3=BCller > Hey Peter! >=20 > Please revert this patch. =20 >=20 > During my testing of CU 170 (master/ef7d41ef) I stumbled across this netata= lk issue: >=20 > ``` > [root(a)ipfireAPU ~]# cat /var/log/afpd.log > Aug 16 17:06:22.314909 afpd[12975] {fault.c:123} (severe:Default): =3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > Aug 16 17:06:22.314995 afpd[12975] {fault.c:124} (severe:Default): INTERNAL= ERROR: Signal 11 in pid 12975 (3.1.13) > Aug 16 17:06:22.315032 afpd[12975] {fault.c:125} (severe:Default): =3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > Aug 16 17:06:22.316206 afpd[12975] {fault.c:96} (severe:Default): PANIC: in= ternal error > Aug 16 17:06:22.316252 afpd[12975] {fault.c:97} (severe:Default): BACKTRACE= : 13 stack frames: > Aug 16 17:06:22.316288 afpd[12975] {fault.c:103} (severe:Default): #0 /usr= /lib/libatalk.so.18(netatalk_panic+0x39) [0x794f2d563639] > Aug 16 17:06:22.316326 afpd[12975] {fault.c:103} (severe:Default): #1 /usr= /lib/libatalk.so.18(+0x3a78e) [0x794f2d56378e] > Aug 16 17:06:22.316380 afpd[12975] {fault.c:103} (severe:Default): #2 /lib= /libc.so.6(+0x3e680) [0x794f2ccbd680] > Aug 16 17:06:22.316426 afpd[12975] {fault.c:103} (severe:Default): #3 /usr= /lib/libatalk.so.18(+0x1d195) [0x794f2d546195] > Aug 16 17:06:22.316462 afpd[12975] {fault.c:103} (severe:Default): #4 /usr= /lib/libatalk.so.18(ad_open+0x4ba) [0x794f2d54768a] > Aug 16 17:06:22.316498 afpd[12975] {fault.c:103} (severe:Default): #5 /usr= /sbin/afpd() [0x43093f] > Aug 16 17:06:22.316533 afpd[12975] {fault.c:103} (severe:Default): #6 /usr= /sbin/afpd() [0x4316a1] > Aug 16 17:06:22.316567 afpd[12975] {fault.c:103} (severe:Default): #7 /usr= /sbin/afpd(afp_openvol+0x354) [0x431d34] > Aug 16 17:06:22.316628 afpd[12975] {fault.c:103} (severe:Default): #8 /usr= /sbin/afpd(afp_over_dsi+0x698) [0x40f448] > Aug 16 17:06:22.316664 afpd[12975] {fault.c:103} (severe:Default): #9 /usr= /sbin/afpd(main+0x9d5) [0x40d255] > Aug 16 17:06:22.316699 afpd[12975] {fault.c:103} (severe:Default): #10 /li= b/libc.so.6(+0x29590) [0x794f2cca8590] > Aug 16 17:06:22.316734 afpd[12975] {fault.c:103} (severe:Default): #11 /li= b/libc.so.6(__libc_start_main+0x80) [0x794f2cca8640] > Aug 16 17:06:22.316770 afpd[12975] {fault.c:103} (severe:Default): #12 /us= r/sbin/afpd(_start+0x25) [0x40d5b5] > . . . > ``` >=20 > Adolf found it was a known bug. > https://sourceforge.net/p/netatalk/bugs/670/ >=20 > But it doesn=E2=80=99t seem like it has been fixed by the Netatalk team yet. >=20 > Thank you! > Jon >=20 >=20 >> On Aug 5, 2022, at 4:08 AM, Peter M=C3=BCller = wrote: >> >> Reviewed-by: Peter M=C3=BCller >> >>> - this releases fixes the following major security issues: >>> CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123, >>> CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194. >>> - FIX: afpd: make a variable declaration a definition >>> - UPD: Remove bundled libevent >>> >>> Signed-off-by: Jon Murphy >>> --- >>> lfs/netatalk | 8 ++++---- >>> 1 file changed, 4 insertions(+), 4 deletions(-) >>> >>> diff --git a/lfs/netatalk b/lfs/netatalk >>> index ef75c89fe..7a91fa948 100644 >>> --- a/lfs/netatalk >>> +++ b/lfs/netatalk >>> @@ -1,7 +1,7 @@ >>> #########################################################################= ###### >>> # = # >>> # IPFire.org - A linux based firewall = # >>> -# Copyright (C) 2007-2018 IPFire Team = # >>> +# Copyright (C) 2007-2022 IPFire Team = # >>> # = # >>> # This program is free software: you can redistribute it and/or modify = # >>> # it under the terms of the GNU General Public License as published by = # >>> @@ -26,7 +26,7 @@ include Config >>> >>> SUMMARY =3D AppleShare file server >>> >>> -VER =3D 3.1.12 >>> +VER =3D 3.1.13 >>> >>> THISAPP =3D netatalk-$(VER) >>> DL_FILE =3D $(THISAPP).tar.gz >>> @@ -34,7 +34,7 @@ DL_FROM =3D $(URL_IPFIRE) >>> DIR_APP =3D $(DIR_SRC)/$(THISAPP) >>> TARGET =3D $(DIR_INFO)/$(THISAPP) >>> PROG =3D netatalk >>> -PAK_VER =3D 3 >>> +PAK_VER =3D 4 >>> >>> DEPS =3D avahi dbus >>> >>> @@ -50,7 +50,7 @@ objects =3D $(DL_FILE) >>> >>> $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) >>> >>> -$(DL_FILE)_BLAKE2 =3D 912bb85045952202becc42899f87ada33427ded987de6c7a6b= 56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc >>> +$(DL_FILE)_BLAKE2 =3D 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea= 39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d >>> >>> install : $(TARGET) >>> >=20 >=20 --===============6803065699614990048==--