[PATCH] netatalk: update to 3.1.13

public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed

* [PATCH] netatalk: update to 3.1.13
@ 2022-08-05  2:38 Jon Murphy
  2022-08-05  9:08 ` Peter Müller
  0 siblings, 1 reply; 7+ messages in thread
From: Jon Murphy @ 2022-08-05  2:38 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 2036 bytes --]

 - this releases fixes the following major security issues:
    CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
    CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
 - FIX: afpd: make a variable declaration a definition
 - UPD: Remove bundled libevent

Signed-off-by: Jon Murphy <jon.murphy(a)ipfire.org>
---
 lfs/netatalk | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lfs/netatalk b/lfs/netatalk
index ef75c89fe..7a91fa948 100644
--- a/lfs/netatalk
+++ b/lfs/netatalk
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2018  IPFire Team  <info(a)ipfire.org>                     #
+# Copyright (C) 2007-2022  IPFire Team  <info(a)ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = AppleShare file server
 
-VER        = 3.1.12
+VER        = 3.1.13
 
 THISAPP    = netatalk-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = netatalk
-PAK_VER    = 3
+PAK_VER    = 4
 
 DEPS       = avahi dbus
 
@@ -50,7 +50,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc
+$(DL_FILE)_BLAKE2 = 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d
 
 install : $(TARGET)
 
-- 
2.30.2


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] netatalk: update to 3.1.13
  2022-08-05  2:38 [PATCH] netatalk: update to 3.1.13 Jon Murphy
@ 2022-08-05  9:08 ` Peter Müller
  0 siblings, 0 replies; 7+ messages in thread
From: Peter Müller @ 2022-08-05  9:08 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 2182 bytes --]

Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>

>  - this releases fixes the following major security issues:
>     CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
>     CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
>  - FIX: afpd: make a variable declaration a definition
>  - UPD: Remove bundled libevent
> 
> Signed-off-by: Jon Murphy <jon.murphy(a)ipfire.org>
> ---
>  lfs/netatalk | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/lfs/netatalk b/lfs/netatalk
> index ef75c89fe..7a91fa948 100644
> --- a/lfs/netatalk
> +++ b/lfs/netatalk
> @@ -1,7 +1,7 @@
>  ###############################################################################
>  #                                                                             #
>  # IPFire.org - A linux based firewall                                         #
> -# Copyright (C) 2007-2018  IPFire Team  <info(a)ipfire.org>                     #
> +# Copyright (C) 2007-2022  IPFire Team  <info(a)ipfire.org>                     #
>  #                                                                             #
>  # This program is free software: you can redistribute it and/or modify        #
>  # it under the terms of the GNU General Public License as published by        #
> @@ -26,7 +26,7 @@ include Config
>  
>  SUMMARY    = AppleShare file server
>  
> -VER        = 3.1.12
> +VER        = 3.1.13
>  
>  THISAPP    = netatalk-$(VER)
>  DL_FILE    = $(THISAPP).tar.gz
> @@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
>  DIR_APP    = $(DIR_SRC)/$(THISAPP)
>  TARGET     = $(DIR_INFO)/$(THISAPP)
>  PROG       = netatalk
> -PAK_VER    = 3
> +PAK_VER    = 4
>  
>  DEPS       = avahi dbus
>  
> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
>  
>  $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>  
> -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc
> +$(DL_FILE)_BLAKE2 = 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d
>  
>  install : $(TARGET)
>  

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] netatalk: update to 3.1.13
  2022-08-22  8:45   ` Michael Tremer
  2022-08-22  9:05     ` Adolf Belka
@ 2022-08-22 20:04     ` Peter Müller
  1 sibling, 0 replies; 7+ messages in thread
From: Peter Müller @ 2022-08-22 20:04 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 5790 bytes --]

Hello Michael,

indeed, thank you for flagging this. I just fixed it in "next".

All the best,
Peter Müller


> Hello Peter,
> 
> If you revert a patch like this, you would have to increase PAK_VER and not decrease it.
> 
> That way, people will “update” back to the old version because PAK_VER is everything that Pakfire checks.
> 
> There is a patch that should fix this available here:
> 
>   https://cgit.freebsd.org/ports/tree/net/netatalk3/files/patch-libatalk_adouble_ad__open.c?id=ad0b2e636d9ebf0bdcfdb30933fa0658fa657b17
> 
> Is anyone happy to give it a try?
> 
> -Michael
> 
>> On 22 Aug 2022, at 07:18, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>
>> Hello Jon,
>>
>> thank you for testing this and reporting back.
>>
>> I have just reverted your patch (https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=0e8a17b2d1a7e61ebb1e25b384526c44acc1f7a0),
>> and will update the changelog for Core Update 170 in due course.
>>
>> All the best,
>> Peter Müller
>>
>>
>>> Hey Peter!
>>>
>>> Please revert this patch. 
>>>
>>> During my testing of CU 170 (master/ef7d41ef) I stumbled across this netatalk issue:
>>>
>>> ```
>>> [root(a)ipfireAPU ~]# cat /var/log/afpd.log
>>> Aug 16 17:06:22.314909 afpd[12975] {fault.c:123} (severe:Default): ===============================================================
>>> Aug 16 17:06:22.314995 afpd[12975] {fault.c:124} (severe:Default): INTERNAL ERROR: Signal 11 in pid 12975 (3.1.13)
>>> Aug 16 17:06:22.315032 afpd[12975] {fault.c:125} (severe:Default): ===============================================================
>>> Aug 16 17:06:22.316206 afpd[12975] {fault.c:96} (severe:Default): PANIC: internal error
>>> Aug 16 17:06:22.316252 afpd[12975] {fault.c:97} (severe:Default): BACKTRACE: 13 stack frames:
>>> Aug 16 17:06:22.316288 afpd[12975] {fault.c:103} (severe:Default): #0 /usr/lib/libatalk.so.18(netatalk_panic+0x39) [0x794f2d563639]
>>> Aug 16 17:06:22.316326 afpd[12975] {fault.c:103} (severe:Default): #1 /usr/lib/libatalk.so.18(+0x3a78e) [0x794f2d56378e]
>>> Aug 16 17:06:22.316380 afpd[12975] {fault.c:103} (severe:Default): #2 /lib/libc.so.6(+0x3e680) [0x794f2ccbd680]
>>> Aug 16 17:06:22.316426 afpd[12975] {fault.c:103} (severe:Default): #3 /usr/lib/libatalk.so.18(+0x1d195) [0x794f2d546195]
>>> Aug 16 17:06:22.316462 afpd[12975] {fault.c:103} (severe:Default): #4 /usr/lib/libatalk.so.18(ad_open+0x4ba) [0x794f2d54768a]
>>> Aug 16 17:06:22.316498 afpd[12975] {fault.c:103} (severe:Default): #5 /usr/sbin/afpd() [0x43093f]
>>> Aug 16 17:06:22.316533 afpd[12975] {fault.c:103} (severe:Default): #6 /usr/sbin/afpd() [0x4316a1]
>>> Aug 16 17:06:22.316567 afpd[12975] {fault.c:103} (severe:Default): #7 /usr/sbin/afpd(afp_openvol+0x354) [0x431d34]
>>> Aug 16 17:06:22.316628 afpd[12975] {fault.c:103} (severe:Default): #8 /usr/sbin/afpd(afp_over_dsi+0x698) [0x40f448]
>>> Aug 16 17:06:22.316664 afpd[12975] {fault.c:103} (severe:Default): #9 /usr/sbin/afpd(main+0x9d5) [0x40d255]
>>> Aug 16 17:06:22.316699 afpd[12975] {fault.c:103} (severe:Default): #10 /lib/libc.so.6(+0x29590) [0x794f2cca8590]
>>> Aug 16 17:06:22.316734 afpd[12975] {fault.c:103} (severe:Default): #11 /lib/libc.so.6(__libc_start_main+0x80) [0x794f2cca8640]
>>> Aug 16 17:06:22.316770 afpd[12975] {fault.c:103} (severe:Default): #12 /usr/sbin/afpd(_start+0x25) [0x40d5b5]
>>> . . .
>>> ```
>>>
>>> Adolf found it was a known bug.
>>> https://sourceforge.net/p/netatalk/bugs/670/ <https://sourceforge.net/p/netatalk/bugs/670/>
>>>
>>> But it doesn’t seem like it has been fixed by the Netatalk team yet.
>>>
>>> Thank you!
>>> Jon
>>>
>>>
>>>> On Aug 5, 2022, at 4:08 AM, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>>>
>>>> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
>>>>
>>>>> - this releases fixes the following major security issues:
>>>>> CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
>>>>> CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
>>>>> - FIX: afpd: make a variable declaration a definition
>>>>> - UPD: Remove bundled libevent
>>>>>
>>>>> Signed-off-by: Jon Murphy <jon.murphy(a)ipfire.org>
>>>>> ---
>>>>> lfs/netatalk | 8 ++++----
>>>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>>>
>>>>> diff --git a/lfs/netatalk b/lfs/netatalk
>>>>> index ef75c89fe..7a91fa948 100644
>>>>> --- a/lfs/netatalk
>>>>> +++ b/lfs/netatalk
>>>>> @@ -1,7 +1,7 @@
>>>>> ###############################################################################
>>>>> # #
>>>>> # IPFire.org - A linux based firewall #
>>>>> -# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
>>>>> +# Copyright (C) 2007-2022 IPFire Team <info(a)ipfire.org> #
>>>>> # #
>>>>> # This program is free software: you can redistribute it and/or modify #
>>>>> # it under the terms of the GNU General Public License as published by #
>>>>> @@ -26,7 +26,7 @@ include Config
>>>>>
>>>>> SUMMARY = AppleShare file server
>>>>>
>>>>> -VER = 3.1.12
>>>>> +VER = 3.1.13
>>>>>
>>>>> THISAPP = netatalk-$(VER)
>>>>> DL_FILE = $(THISAPP).tar.gz
>>>>> @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
>>>>> DIR_APP = $(DIR_SRC)/$(THISAPP)
>>>>> TARGET = $(DIR_INFO)/$(THISAPP)
>>>>> PROG = netatalk
>>>>> -PAK_VER = 3
>>>>> +PAK_VER = 4
>>>>>
>>>>> DEPS = avahi dbus
>>>>>
>>>>> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
>>>>>
>>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>>>
>>>>> -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc
>>>>> +$(DL_FILE)_BLAKE2 = 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d
>>>>>
>>>>> install : $(TARGET)
> 

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] netatalk: update to 3.1.13
  2022-08-22  9:05     ` Adolf Belka
@ 2022-08-22  9:19       ` Michael Tremer
  0 siblings, 0 replies; 7+ messages in thread
From: Michael Tremer @ 2022-08-22  9:19 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 6627 bytes --]

Hello Adolf,

Okay. I can live with that - although there were a couple of CVEs fixed in this release and it would be nice to have them fixed sooner rather than later.

Looks like we will have to wait for upstream. Thanks for looking into this though.

All the best,
-Michael

> On 22 Aug 2022, at 10:05, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
> 
> Hi All,
> 
> On 22/08/2022 10:45, Michael Tremer wrote:
>> Hello Peter,
>> 
>> If you revert a patch like this, you would have to increase PAK_VER and not decrease it.
>> 
>> That way, people will “update” back to the old version because PAK_VER is everything that Pakfire checks.
>> 
>> There is a patch that should fix this available here:
>> 
>> https://cgit.freebsd.org/ports/tree/net/netatalk3/files/patch-libatalk_adouble_ad__open.c?id=ad0b2e636d9ebf0bdcfdb30933fa0658fa657b17
>> 
>> Is anyone happy to give it a try?
> Jon already tried that out but he got a different set of errors with the patched version. Also in the BSD bug report, although it is closed there was a report at the end of it of errors in the patched version.
> 
> Not clear how bad the new errors are but it seemed better to revert back until the new errors were also fixed.
> 
> Regards,
> 
> Adolf.
>> -Michael
>> 
>>> On 22 Aug 2022, at 07:18, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>> 
>>> Hello Jon,
>>> 
>>> thank you for testing this and reporting back.
>>> 
>>> I have just reverted your patch (https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=0e8a17b2d1a7e61ebb1e25b384526c44acc1f7a0),
>>> and will update the changelog for Core Update 170 in due course.
>>> 
>>> All the best,
>>> Peter Müller
>>> 
>>> 
>>>> Hey Peter!
>>>> 
>>>> Please revert this patch.
>>>> 
>>>> During my testing of CU 170 (master/ef7d41ef) I stumbled across this netatalk issue:
>>>> 
>>>> ```
>>>> [root(a)ipfireAPU ~]# cat /var/log/afpd.log
>>>> Aug 16 17:06:22.314909 afpd[12975] {fault.c:123} (severe:Default): ===============================================================
>>>> Aug 16 17:06:22.314995 afpd[12975] {fault.c:124} (severe:Default): INTERNAL ERROR: Signal 11 in pid 12975 (3.1.13)
>>>> Aug 16 17:06:22.315032 afpd[12975] {fault.c:125} (severe:Default): ===============================================================
>>>> Aug 16 17:06:22.316206 afpd[12975] {fault.c:96} (severe:Default): PANIC: internal error
>>>> Aug 16 17:06:22.316252 afpd[12975] {fault.c:97} (severe:Default): BACKTRACE: 13 stack frames:
>>>> Aug 16 17:06:22.316288 afpd[12975] {fault.c:103} (severe:Default): #0 /usr/lib/libatalk.so.18(netatalk_panic+0x39) [0x794f2d563639]
>>>> Aug 16 17:06:22.316326 afpd[12975] {fault.c:103} (severe:Default): #1 /usr/lib/libatalk.so.18(+0x3a78e) [0x794f2d56378e]
>>>> Aug 16 17:06:22.316380 afpd[12975] {fault.c:103} (severe:Default): #2 /lib/libc.so.6(+0x3e680) [0x794f2ccbd680]
>>>> Aug 16 17:06:22.316426 afpd[12975] {fault.c:103} (severe:Default): #3 /usr/lib/libatalk.so.18(+0x1d195) [0x794f2d546195]
>>>> Aug 16 17:06:22.316462 afpd[12975] {fault.c:103} (severe:Default): #4 /usr/lib/libatalk.so.18(ad_open+0x4ba) [0x794f2d54768a]
>>>> Aug 16 17:06:22.316498 afpd[12975] {fault.c:103} (severe:Default): #5 /usr/sbin/afpd() [0x43093f]
>>>> Aug 16 17:06:22.316533 afpd[12975] {fault.c:103} (severe:Default): #6 /usr/sbin/afpd() [0x4316a1]
>>>> Aug 16 17:06:22.316567 afpd[12975] {fault.c:103} (severe:Default): #7 /usr/sbin/afpd(afp_openvol+0x354) [0x431d34]
>>>> Aug 16 17:06:22.316628 afpd[12975] {fault.c:103} (severe:Default): #8 /usr/sbin/afpd(afp_over_dsi+0x698) [0x40f448]
>>>> Aug 16 17:06:22.316664 afpd[12975] {fault.c:103} (severe:Default): #9 /usr/sbin/afpd(main+0x9d5) [0x40d255]
>>>> Aug 16 17:06:22.316699 afpd[12975] {fault.c:103} (severe:Default): #10 /lib/libc.so.6(+0x29590) [0x794f2cca8590]
>>>> Aug 16 17:06:22.316734 afpd[12975] {fault.c:103} (severe:Default): #11 /lib/libc.so.6(__libc_start_main+0x80) [0x794f2cca8640]
>>>> Aug 16 17:06:22.316770 afpd[12975] {fault.c:103} (severe:Default): #12 /usr/sbin/afpd(_start+0x25) [0x40d5b5]
>>>> . . .
>>>> ```
>>>> 
>>>> Adolf found it was a known bug.
>>>> https://sourceforge.net/p/netatalk/bugs/670/ <https://sourceforge.net/p/netatalk/bugs/670/>
>>>> 
>>>> But it doesn’t seem like it has been fixed by the Netatalk team yet.
>>>> 
>>>> Thank you!
>>>> Jon
>>>> 
>>>> 
>>>>> On Aug 5, 2022, at 4:08 AM, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>>>> 
>>>>> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
>>>>> 
>>>>>> - this releases fixes the following major security issues:
>>>>>> CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
>>>>>> CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
>>>>>> - FIX: afpd: make a variable declaration a definition
>>>>>> - UPD: Remove bundled libevent
>>>>>> 
>>>>>> Signed-off-by: Jon Murphy <jon.murphy(a)ipfire.org>
>>>>>> ---
>>>>>> lfs/netatalk | 8 ++++----
>>>>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>>>> 
>>>>>> diff --git a/lfs/netatalk b/lfs/netatalk
>>>>>> index ef75c89fe..7a91fa948 100644
>>>>>> --- a/lfs/netatalk
>>>>>> +++ b/lfs/netatalk
>>>>>> @@ -1,7 +1,7 @@
>>>>>> ###############################################################################
>>>>>> # #
>>>>>> # IPFire.org - A linux based firewall #
>>>>>> -# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
>>>>>> +# Copyright (C) 2007-2022 IPFire Team <info(a)ipfire.org> #
>>>>>> # #
>>>>>> # This program is free software: you can redistribute it and/or modify #
>>>>>> # it under the terms of the GNU General Public License as published by #
>>>>>> @@ -26,7 +26,7 @@ include Config
>>>>>> 
>>>>>> SUMMARY = AppleShare file server
>>>>>> 
>>>>>> -VER = 3.1.12
>>>>>> +VER = 3.1.13
>>>>>> 
>>>>>> THISAPP = netatalk-$(VER)
>>>>>> DL_FILE = $(THISAPP).tar.gz
>>>>>> @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
>>>>>> DIR_APP = $(DIR_SRC)/$(THISAPP)
>>>>>> TARGET = $(DIR_INFO)/$(THISAPP)
>>>>>> PROG = netatalk
>>>>>> -PAK_VER = 3
>>>>>> +PAK_VER = 4
>>>>>> 
>>>>>> DEPS = avahi dbus
>>>>>> 
>>>>>> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
>>>>>> 
>>>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>>>> 
>>>>>> -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc
>>>>>> +$(DL_FILE)_BLAKE2 = 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d
>>>>>> 
>>>>>> install : $(TARGET)
> 
> -- 
> Sent from my laptop


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] netatalk: update to 3.1.13
  2022-08-22  8:45   ` Michael Tremer
@ 2022-08-22  9:05     ` Adolf Belka
  2022-08-22  9:19       ` Michael Tremer
  2022-08-22 20:04     ` Peter Müller
  1 sibling, 1 reply; 7+ messages in thread
From: Adolf Belka @ 2022-08-22  9:05 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 6095 bytes --]

Hi All,

On 22/08/2022 10:45, Michael Tremer wrote:
> Hello Peter,
>
> If you revert a patch like this, you would have to increase PAK_VER and not decrease it.
>
> That way, people will “update” back to the old version because PAK_VER is everything that Pakfire checks.
>
> There is a patch that should fix this available here:
>
>    https://cgit.freebsd.org/ports/tree/net/netatalk3/files/patch-libatalk_adouble_ad__open.c?id=ad0b2e636d9ebf0bdcfdb30933fa0658fa657b17
>
> Is anyone happy to give it a try?
Jon already tried that out but he got a different set of errors with the 
patched version. Also in the BSD bug report, although it is closed there 
was a report at the end of it of errors in the patched version.

Not clear how bad the new errors are but it seemed better to revert back 
until the new errors were also fixed.

Regards,

Adolf.
> -Michael
>
>> On 22 Aug 2022, at 07:18, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>
>> Hello Jon,
>>
>> thank you for testing this and reporting back.
>>
>> I have just reverted your patch (https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=0e8a17b2d1a7e61ebb1e25b384526c44acc1f7a0),
>> and will update the changelog for Core Update 170 in due course.
>>
>> All the best,
>> Peter Müller
>>
>>
>>> Hey Peter!
>>>
>>> Please revert this patch.
>>>
>>> During my testing of CU 170 (master/ef7d41ef) I stumbled across this netatalk issue:
>>>
>>> ```
>>> [root(a)ipfireAPU ~]# cat /var/log/afpd.log
>>> Aug 16 17:06:22.314909 afpd[12975] {fault.c:123} (severe:Default): ===============================================================
>>> Aug 16 17:06:22.314995 afpd[12975] {fault.c:124} (severe:Default): INTERNAL ERROR: Signal 11 in pid 12975 (3.1.13)
>>> Aug 16 17:06:22.315032 afpd[12975] {fault.c:125} (severe:Default): ===============================================================
>>> Aug 16 17:06:22.316206 afpd[12975] {fault.c:96} (severe:Default): PANIC: internal error
>>> Aug 16 17:06:22.316252 afpd[12975] {fault.c:97} (severe:Default): BACKTRACE: 13 stack frames:
>>> Aug 16 17:06:22.316288 afpd[12975] {fault.c:103} (severe:Default): #0 /usr/lib/libatalk.so.18(netatalk_panic+0x39) [0x794f2d563639]
>>> Aug 16 17:06:22.316326 afpd[12975] {fault.c:103} (severe:Default): #1 /usr/lib/libatalk.so.18(+0x3a78e) [0x794f2d56378e]
>>> Aug 16 17:06:22.316380 afpd[12975] {fault.c:103} (severe:Default): #2 /lib/libc.so.6(+0x3e680) [0x794f2ccbd680]
>>> Aug 16 17:06:22.316426 afpd[12975] {fault.c:103} (severe:Default): #3 /usr/lib/libatalk.so.18(+0x1d195) [0x794f2d546195]
>>> Aug 16 17:06:22.316462 afpd[12975] {fault.c:103} (severe:Default): #4 /usr/lib/libatalk.so.18(ad_open+0x4ba) [0x794f2d54768a]
>>> Aug 16 17:06:22.316498 afpd[12975] {fault.c:103} (severe:Default): #5 /usr/sbin/afpd() [0x43093f]
>>> Aug 16 17:06:22.316533 afpd[12975] {fault.c:103} (severe:Default): #6 /usr/sbin/afpd() [0x4316a1]
>>> Aug 16 17:06:22.316567 afpd[12975] {fault.c:103} (severe:Default): #7 /usr/sbin/afpd(afp_openvol+0x354) [0x431d34]
>>> Aug 16 17:06:22.316628 afpd[12975] {fault.c:103} (severe:Default): #8 /usr/sbin/afpd(afp_over_dsi+0x698) [0x40f448]
>>> Aug 16 17:06:22.316664 afpd[12975] {fault.c:103} (severe:Default): #9 /usr/sbin/afpd(main+0x9d5) [0x40d255]
>>> Aug 16 17:06:22.316699 afpd[12975] {fault.c:103} (severe:Default): #10 /lib/libc.so.6(+0x29590) [0x794f2cca8590]
>>> Aug 16 17:06:22.316734 afpd[12975] {fault.c:103} (severe:Default): #11 /lib/libc.so.6(__libc_start_main+0x80) [0x794f2cca8640]
>>> Aug 16 17:06:22.316770 afpd[12975] {fault.c:103} (severe:Default): #12 /usr/sbin/afpd(_start+0x25) [0x40d5b5]
>>> . . .
>>> ```
>>>
>>> Adolf found it was a known bug.
>>> https://sourceforge.net/p/netatalk/bugs/670/ <https://sourceforge.net/p/netatalk/bugs/670/>
>>>
>>> But it doesn’t seem like it has been fixed by the Netatalk team yet.
>>>
>>> Thank you!
>>> Jon
>>>
>>>
>>>> On Aug 5, 2022, at 4:08 AM, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>>>
>>>> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
>>>>
>>>>> - this releases fixes the following major security issues:
>>>>> CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
>>>>> CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
>>>>> - FIX: afpd: make a variable declaration a definition
>>>>> - UPD: Remove bundled libevent
>>>>>
>>>>> Signed-off-by: Jon Murphy <jon.murphy(a)ipfire.org>
>>>>> ---
>>>>> lfs/netatalk | 8 ++++----
>>>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>>>
>>>>> diff --git a/lfs/netatalk b/lfs/netatalk
>>>>> index ef75c89fe..7a91fa948 100644
>>>>> --- a/lfs/netatalk
>>>>> +++ b/lfs/netatalk
>>>>> @@ -1,7 +1,7 @@
>>>>> ###############################################################################
>>>>> # #
>>>>> # IPFire.org - A linux based firewall #
>>>>> -# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
>>>>> +# Copyright (C) 2007-2022 IPFire Team <info(a)ipfire.org> #
>>>>> # #
>>>>> # This program is free software: you can redistribute it and/or modify #
>>>>> # it under the terms of the GNU General Public License as published by #
>>>>> @@ -26,7 +26,7 @@ include Config
>>>>>
>>>>> SUMMARY = AppleShare file server
>>>>>
>>>>> -VER = 3.1.12
>>>>> +VER = 3.1.13
>>>>>
>>>>> THISAPP = netatalk-$(VER)
>>>>> DL_FILE = $(THISAPP).tar.gz
>>>>> @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
>>>>> DIR_APP = $(DIR_SRC)/$(THISAPP)
>>>>> TARGET = $(DIR_INFO)/$(THISAPP)
>>>>> PROG = netatalk
>>>>> -PAK_VER = 3
>>>>> +PAK_VER = 4
>>>>>
>>>>> DEPS = avahi dbus
>>>>>
>>>>> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
>>>>>
>>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>>>
>>>>> -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc
>>>>> +$(DL_FILE)_BLAKE2 = 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d
>>>>>
>>>>> install : $(TARGET)

-- 
Sent from my laptop


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] netatalk: update to 3.1.13
  2022-08-22  6:18 ` Peter Müller
@ 2022-08-22  8:45   ` Michael Tremer
  2022-08-22  9:05     ` Adolf Belka
  2022-08-22 20:04     ` Peter Müller
  0 siblings, 2 replies; 7+ messages in thread
From: Michael Tremer @ 2022-08-22  8:45 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 5562 bytes --]

Hello Peter,

If you revert a patch like this, you would have to increase PAK_VER and not decrease it.

That way, people will “update” back to the old version because PAK_VER is everything that Pakfire checks.

There is a patch that should fix this available here:

  https://cgit.freebsd.org/ports/tree/net/netatalk3/files/patch-libatalk_adouble_ad__open.c?id=ad0b2e636d9ebf0bdcfdb30933fa0658fa657b17

Is anyone happy to give it a try?

-Michael

> On 22 Aug 2022, at 07:18, Peter Müller <peter.mueller(a)ipfire.org> wrote:
> 
> Hello Jon,
> 
> thank you for testing this and reporting back.
> 
> I have just reverted your patch (https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=0e8a17b2d1a7e61ebb1e25b384526c44acc1f7a0),
> and will update the changelog for Core Update 170 in due course.
> 
> All the best,
> Peter Müller
> 
> 
>> Hey Peter!
>> 
>> Please revert this patch. 
>> 
>> During my testing of CU 170 (master/ef7d41ef) I stumbled across this netatalk issue:
>> 
>> ```
>> [root(a)ipfireAPU ~]# cat /var/log/afpd.log
>> Aug 16 17:06:22.314909 afpd[12975] {fault.c:123} (severe:Default): ===============================================================
>> Aug 16 17:06:22.314995 afpd[12975] {fault.c:124} (severe:Default): INTERNAL ERROR: Signal 11 in pid 12975 (3.1.13)
>> Aug 16 17:06:22.315032 afpd[12975] {fault.c:125} (severe:Default): ===============================================================
>> Aug 16 17:06:22.316206 afpd[12975] {fault.c:96} (severe:Default): PANIC: internal error
>> Aug 16 17:06:22.316252 afpd[12975] {fault.c:97} (severe:Default): BACKTRACE: 13 stack frames:
>> Aug 16 17:06:22.316288 afpd[12975] {fault.c:103} (severe:Default): #0 /usr/lib/libatalk.so.18(netatalk_panic+0x39) [0x794f2d563639]
>> Aug 16 17:06:22.316326 afpd[12975] {fault.c:103} (severe:Default): #1 /usr/lib/libatalk.so.18(+0x3a78e) [0x794f2d56378e]
>> Aug 16 17:06:22.316380 afpd[12975] {fault.c:103} (severe:Default): #2 /lib/libc.so.6(+0x3e680) [0x794f2ccbd680]
>> Aug 16 17:06:22.316426 afpd[12975] {fault.c:103} (severe:Default): #3 /usr/lib/libatalk.so.18(+0x1d195) [0x794f2d546195]
>> Aug 16 17:06:22.316462 afpd[12975] {fault.c:103} (severe:Default): #4 /usr/lib/libatalk.so.18(ad_open+0x4ba) [0x794f2d54768a]
>> Aug 16 17:06:22.316498 afpd[12975] {fault.c:103} (severe:Default): #5 /usr/sbin/afpd() [0x43093f]
>> Aug 16 17:06:22.316533 afpd[12975] {fault.c:103} (severe:Default): #6 /usr/sbin/afpd() [0x4316a1]
>> Aug 16 17:06:22.316567 afpd[12975] {fault.c:103} (severe:Default): #7 /usr/sbin/afpd(afp_openvol+0x354) [0x431d34]
>> Aug 16 17:06:22.316628 afpd[12975] {fault.c:103} (severe:Default): #8 /usr/sbin/afpd(afp_over_dsi+0x698) [0x40f448]
>> Aug 16 17:06:22.316664 afpd[12975] {fault.c:103} (severe:Default): #9 /usr/sbin/afpd(main+0x9d5) [0x40d255]
>> Aug 16 17:06:22.316699 afpd[12975] {fault.c:103} (severe:Default): #10 /lib/libc.so.6(+0x29590) [0x794f2cca8590]
>> Aug 16 17:06:22.316734 afpd[12975] {fault.c:103} (severe:Default): #11 /lib/libc.so.6(__libc_start_main+0x80) [0x794f2cca8640]
>> Aug 16 17:06:22.316770 afpd[12975] {fault.c:103} (severe:Default): #12 /usr/sbin/afpd(_start+0x25) [0x40d5b5]
>> . . .
>> ```
>> 
>> Adolf found it was a known bug.
>> https://sourceforge.net/p/netatalk/bugs/670/ <https://sourceforge.net/p/netatalk/bugs/670/>
>> 
>> But it doesn’t seem like it has been fixed by the Netatalk team yet.
>> 
>> Thank you!
>> Jon
>> 
>> 
>>> On Aug 5, 2022, at 4:08 AM, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>> 
>>> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
>>> 
>>>> - this releases fixes the following major security issues:
>>>> CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
>>>> CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
>>>> - FIX: afpd: make a variable declaration a definition
>>>> - UPD: Remove bundled libevent
>>>> 
>>>> Signed-off-by: Jon Murphy <jon.murphy(a)ipfire.org>
>>>> ---
>>>> lfs/netatalk | 8 ++++----
>>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>> 
>>>> diff --git a/lfs/netatalk b/lfs/netatalk
>>>> index ef75c89fe..7a91fa948 100644
>>>> --- a/lfs/netatalk
>>>> +++ b/lfs/netatalk
>>>> @@ -1,7 +1,7 @@
>>>> ###############################################################################
>>>> # #
>>>> # IPFire.org - A linux based firewall #
>>>> -# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
>>>> +# Copyright (C) 2007-2022 IPFire Team <info(a)ipfire.org> #
>>>> # #
>>>> # This program is free software: you can redistribute it and/or modify #
>>>> # it under the terms of the GNU General Public License as published by #
>>>> @@ -26,7 +26,7 @@ include Config
>>>> 
>>>> SUMMARY = AppleShare file server
>>>> 
>>>> -VER = 3.1.12
>>>> +VER = 3.1.13
>>>> 
>>>> THISAPP = netatalk-$(VER)
>>>> DL_FILE = $(THISAPP).tar.gz
>>>> @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
>>>> DIR_APP = $(DIR_SRC)/$(THISAPP)
>>>> TARGET = $(DIR_INFO)/$(THISAPP)
>>>> PROG = netatalk
>>>> -PAK_VER = 3
>>>> +PAK_VER = 4
>>>> 
>>>> DEPS = avahi dbus
>>>> 
>>>> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
>>>> 
>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>> 
>>>> -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc
>>>> +$(DL_FILE)_BLAKE2 = 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d
>>>> 
>>>> install : $(TARGET)


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] netatalk: update to 3.1.13
       [not found] <7D4055BC-CABB-48A5-938B-D83B16F6464C@gmail.com>
@ 2022-08-22  6:18 ` Peter Müller
  2022-08-22  8:45   ` Michael Tremer
  0 siblings, 1 reply; 7+ messages in thread
From: Peter Müller @ 2022-08-22  6:18 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 5219 bytes --]

Hello Jon,

thank you for testing this and reporting back.

I have just reverted your patch (https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=0e8a17b2d1a7e61ebb1e25b384526c44acc1f7a0),
and will update the changelog for Core Update 170 in due course.

All the best,
Peter Müller


> Hey Peter!
> 
> Please revert this patch.  
> 
> During my testing of CU 170 (master/ef7d41ef) I stumbled across this netatalk issue:
> 
> ```
> [root(a)ipfireAPU ~]# cat /var/log/afpd.log
> Aug 16 17:06:22.314909 afpd[12975] {fault.c:123} (severe:Default): ===============================================================
> Aug 16 17:06:22.314995 afpd[12975] {fault.c:124} (severe:Default): INTERNAL ERROR: Signal 11 in pid 12975 (3.1.13)
> Aug 16 17:06:22.315032 afpd[12975] {fault.c:125} (severe:Default): ===============================================================
> Aug 16 17:06:22.316206 afpd[12975] {fault.c:96} (severe:Default): PANIC: internal error
> Aug 16 17:06:22.316252 afpd[12975] {fault.c:97} (severe:Default): BACKTRACE: 13 stack frames:
> Aug 16 17:06:22.316288 afpd[12975] {fault.c:103} (severe:Default):  #0 /usr/lib/libatalk.so.18(netatalk_panic+0x39) [0x794f2d563639]
> Aug 16 17:06:22.316326 afpd[12975] {fault.c:103} (severe:Default):  #1 /usr/lib/libatalk.so.18(+0x3a78e) [0x794f2d56378e]
> Aug 16 17:06:22.316380 afpd[12975] {fault.c:103} (severe:Default):  #2 /lib/libc.so.6(+0x3e680) [0x794f2ccbd680]
> Aug 16 17:06:22.316426 afpd[12975] {fault.c:103} (severe:Default):  #3 /usr/lib/libatalk.so.18(+0x1d195) [0x794f2d546195]
> Aug 16 17:06:22.316462 afpd[12975] {fault.c:103} (severe:Default):  #4 /usr/lib/libatalk.so.18(ad_open+0x4ba) [0x794f2d54768a]
> Aug 16 17:06:22.316498 afpd[12975] {fault.c:103} (severe:Default):  #5 /usr/sbin/afpd() [0x43093f]
> Aug 16 17:06:22.316533 afpd[12975] {fault.c:103} (severe:Default):  #6 /usr/sbin/afpd() [0x4316a1]
> Aug 16 17:06:22.316567 afpd[12975] {fault.c:103} (severe:Default):  #7 /usr/sbin/afpd(afp_openvol+0x354) [0x431d34]
> Aug 16 17:06:22.316628 afpd[12975] {fault.c:103} (severe:Default):  #8 /usr/sbin/afpd(afp_over_dsi+0x698) [0x40f448]
> Aug 16 17:06:22.316664 afpd[12975] {fault.c:103} (severe:Default):  #9 /usr/sbin/afpd(main+0x9d5) [0x40d255]
> Aug 16 17:06:22.316699 afpd[12975] {fault.c:103} (severe:Default):  #10 /lib/libc.so.6(+0x29590) [0x794f2cca8590]
> Aug 16 17:06:22.316734 afpd[12975] {fault.c:103} (severe:Default):  #11 /lib/libc.so.6(__libc_start_main+0x80) [0x794f2cca8640]
> Aug 16 17:06:22.316770 afpd[12975] {fault.c:103} (severe:Default):  #12 /usr/sbin/afpd(_start+0x25) [0x40d5b5]
> . . .
> ```
> 
> Adolf found it was a known bug.
> https://sourceforge.net/p/netatalk/bugs/670/ <https://sourceforge.net/p/netatalk/bugs/670/>
> 
> But it doesn’t seem like it has been fixed by the Netatalk team yet.
> 
> Thank you!
> Jon
> 
> 
>> On Aug 5, 2022, at 4:08 AM, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>
>> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
>>
>>> - this releases fixes the following major security issues:
>>>    CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
>>>    CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
>>> - FIX: afpd: make a variable declaration a definition
>>> - UPD: Remove bundled libevent
>>>
>>> Signed-off-by: Jon Murphy <jon.murphy(a)ipfire.org>
>>> ---
>>> lfs/netatalk | 8 ++++----
>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/lfs/netatalk b/lfs/netatalk
>>> index ef75c89fe..7a91fa948 100644
>>> --- a/lfs/netatalk
>>> +++ b/lfs/netatalk
>>> @@ -1,7 +1,7 @@
>>> ###############################################################################
>>> #                                                                             #
>>> # IPFire.org - A linux based firewall                                         #
>>> -# Copyright (C) 2007-2018  IPFire Team  <info(a)ipfire.org>                     #
>>> +# Copyright (C) 2007-2022  IPFire Team  <info(a)ipfire.org>                     #
>>> #                                                                             #
>>> # This program is free software: you can redistribute it and/or modify        #
>>> # it under the terms of the GNU General Public License as published by        #
>>> @@ -26,7 +26,7 @@ include Config
>>>
>>> SUMMARY    = AppleShare file server
>>>
>>> -VER        = 3.1.12
>>> +VER        = 3.1.13
>>>
>>> THISAPP    = netatalk-$(VER)
>>> DL_FILE    = $(THISAPP).tar.gz
>>> @@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
>>> DIR_APP    = $(DIR_SRC)/$(THISAPP)
>>> TARGET     = $(DIR_INFO)/$(THISAPP)
>>> PROG       = netatalk
>>> -PAK_VER    = 3
>>> +PAK_VER    = 4
>>>
>>> DEPS       = avahi dbus
>>>
>>> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
>>>
>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>
>>> -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc
>>> +$(DL_FILE)_BLAKE2 = 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d
>>>
>>> install : $(TARGET)
>>>
> 
> 

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2022-08-22 20:04 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-05  2:38 [PATCH] netatalk: update to 3.1.13 Jon Murphy
2022-08-05  9:08 ` Peter Müller
     [not found] <7D4055BC-CABB-48A5-938B-D83B16F6464C@gmail.com>
2022-08-22  6:18 ` Peter Müller
2022-08-22  8:45   ` Michael Tremer
2022-08-22  9:05     ` Adolf Belka
2022-08-22  9:19       ` Michael Tremer
2022-08-22 20:04     ` Peter Müller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox