Re: [PATCH] netatalk: update to 3.1.13

["Peter Müller" <peter.mueller@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 5790 bytes --]

Hello Michael,

indeed, thank you for flagging this. I just fixed it in "next".

All the best,
Peter Müller


> Hello Peter,
> 
> If you revert a patch like this, you would have to increase PAK_VER and not decrease it.
> 
> That way, people will “update” back to the old version because PAK_VER is everything that Pakfire checks.
> 
> There is a patch that should fix this available here:
> 
>   https://cgit.freebsd.org/ports/tree/net/netatalk3/files/patch-libatalk_adouble_ad__open.c?id=ad0b2e636d9ebf0bdcfdb30933fa0658fa657b17
> 
> Is anyone happy to give it a try?
> 
> -Michael
> 
>> On 22 Aug 2022, at 07:18, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>
>> Hello Jon,
>>
>> thank you for testing this and reporting back.
>>
>> I have just reverted your patch (https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=0e8a17b2d1a7e61ebb1e25b384526c44acc1f7a0),
>> and will update the changelog for Core Update 170 in due course.
>>
>> All the best,
>> Peter Müller
>>
>>
>>> Hey Peter!
>>>
>>> Please revert this patch. 
>>>
>>> During my testing of CU 170 (master/ef7d41ef) I stumbled across this netatalk issue:
>>>
>>> ```
>>> [root(a)ipfireAPU ~]# cat /var/log/afpd.log
>>> Aug 16 17:06:22.314909 afpd[12975] {fault.c:123} (severe:Default): ===============================================================
>>> Aug 16 17:06:22.314995 afpd[12975] {fault.c:124} (severe:Default): INTERNAL ERROR: Signal 11 in pid 12975 (3.1.13)
>>> Aug 16 17:06:22.315032 afpd[12975] {fault.c:125} (severe:Default): ===============================================================
>>> Aug 16 17:06:22.316206 afpd[12975] {fault.c:96} (severe:Default): PANIC: internal error
>>> Aug 16 17:06:22.316252 afpd[12975] {fault.c:97} (severe:Default): BACKTRACE: 13 stack frames:
>>> Aug 16 17:06:22.316288 afpd[12975] {fault.c:103} (severe:Default): #0 /usr/lib/libatalk.so.18(netatalk_panic+0x39) [0x794f2d563639]
>>> Aug 16 17:06:22.316326 afpd[12975] {fault.c:103} (severe:Default): #1 /usr/lib/libatalk.so.18(+0x3a78e) [0x794f2d56378e]
>>> Aug 16 17:06:22.316380 afpd[12975] {fault.c:103} (severe:Default): #2 /lib/libc.so.6(+0x3e680) [0x794f2ccbd680]
>>> Aug 16 17:06:22.316426 afpd[12975] {fault.c:103} (severe:Default): #3 /usr/lib/libatalk.so.18(+0x1d195) [0x794f2d546195]
>>> Aug 16 17:06:22.316462 afpd[12975] {fault.c:103} (severe:Default): #4 /usr/lib/libatalk.so.18(ad_open+0x4ba) [0x794f2d54768a]
>>> Aug 16 17:06:22.316498 afpd[12975] {fault.c:103} (severe:Default): #5 /usr/sbin/afpd() [0x43093f]
>>> Aug 16 17:06:22.316533 afpd[12975] {fault.c:103} (severe:Default): #6 /usr/sbin/afpd() [0x4316a1]
>>> Aug 16 17:06:22.316567 afpd[12975] {fault.c:103} (severe:Default): #7 /usr/sbin/afpd(afp_openvol+0x354) [0x431d34]
>>> Aug 16 17:06:22.316628 afpd[12975] {fault.c:103} (severe:Default): #8 /usr/sbin/afpd(afp_over_dsi+0x698) [0x40f448]
>>> Aug 16 17:06:22.316664 afpd[12975] {fault.c:103} (severe:Default): #9 /usr/sbin/afpd(main+0x9d5) [0x40d255]
>>> Aug 16 17:06:22.316699 afpd[12975] {fault.c:103} (severe:Default): #10 /lib/libc.so.6(+0x29590) [0x794f2cca8590]
>>> Aug 16 17:06:22.316734 afpd[12975] {fault.c:103} (severe:Default): #11 /lib/libc.so.6(__libc_start_main+0x80) [0x794f2cca8640]
>>> Aug 16 17:06:22.316770 afpd[12975] {fault.c:103} (severe:Default): #12 /usr/sbin/afpd(_start+0x25) [0x40d5b5]
>>> . . .
>>> ```
>>>
>>> Adolf found it was a known bug.
>>> https://sourceforge.net/p/netatalk/bugs/670/ <https://sourceforge.net/p/netatalk/bugs/670/>
>>>
>>> But it doesn’t seem like it has been fixed by the Netatalk team yet.
>>>
>>> Thank you!
>>> Jon
>>>
>>>
>>>> On Aug 5, 2022, at 4:08 AM, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>>>
>>>> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
>>>>
>>>>> - this releases fixes the following major security issues:
>>>>> CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
>>>>> CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
>>>>> - FIX: afpd: make a variable declaration a definition
>>>>> - UPD: Remove bundled libevent
>>>>>
>>>>> Signed-off-by: Jon Murphy <jon.murphy(a)ipfire.org>
>>>>> ---
>>>>> lfs/netatalk | 8 ++++----
>>>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>>>
>>>>> diff --git a/lfs/netatalk b/lfs/netatalk
>>>>> index ef75c89fe..7a91fa948 100644
>>>>> --- a/lfs/netatalk
>>>>> +++ b/lfs/netatalk
>>>>> @@ -1,7 +1,7 @@
>>>>> ###############################################################################
>>>>> # #
>>>>> # IPFire.org - A linux based firewall #
>>>>> -# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
>>>>> +# Copyright (C) 2007-2022 IPFire Team <info(a)ipfire.org> #
>>>>> # #
>>>>> # This program is free software: you can redistribute it and/or modify #
>>>>> # it under the terms of the GNU General Public License as published by #
>>>>> @@ -26,7 +26,7 @@ include Config
>>>>>
>>>>> SUMMARY = AppleShare file server
>>>>>
>>>>> -VER = 3.1.12
>>>>> +VER = 3.1.13
>>>>>
>>>>> THISAPP = netatalk-$(VER)
>>>>> DL_FILE = $(THISAPP).tar.gz
>>>>> @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
>>>>> DIR_APP = $(DIR_SRC)/$(THISAPP)
>>>>> TARGET = $(DIR_INFO)/$(THISAPP)
>>>>> PROG = netatalk
>>>>> -PAK_VER = 3
>>>>> +PAK_VER = 4
>>>>>
>>>>> DEPS = avahi dbus
>>>>>
>>>>> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
>>>>>
>>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>>>
>>>>> -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc
>>>>> +$(DL_FILE)_BLAKE2 = 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d
>>>>>
>>>>> install : $(TARGET)
>