Re: [PATCH] netatalk: update to 3.1.13

[Adolf Belka <adolf.belka@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 6095 bytes --]

Hi All,

On 22/08/2022 10:45, Michael Tremer wrote:
> Hello Peter,
>
> If you revert a patch like this, you would have to increase PAK_VER and not decrease it.
>
> That way, people will “update” back to the old version because PAK_VER is everything that Pakfire checks.
>
> There is a patch that should fix this available here:
>
>    https://cgit.freebsd.org/ports/tree/net/netatalk3/files/patch-libatalk_adouble_ad__open.c?id=ad0b2e636d9ebf0bdcfdb30933fa0658fa657b17
>
> Is anyone happy to give it a try?
Jon already tried that out but he got a different set of errors with the 
patched version. Also in the BSD bug report, although it is closed there 
was a report at the end of it of errors in the patched version.

Not clear how bad the new errors are but it seemed better to revert back 
until the new errors were also fixed.

Regards,

Adolf.
> -Michael
>
>> On 22 Aug 2022, at 07:18, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>
>> Hello Jon,
>>
>> thank you for testing this and reporting back.
>>
>> I have just reverted your patch (https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=0e8a17b2d1a7e61ebb1e25b384526c44acc1f7a0),
>> and will update the changelog for Core Update 170 in due course.
>>
>> All the best,
>> Peter Müller
>>
>>
>>> Hey Peter!
>>>
>>> Please revert this patch.
>>>
>>> During my testing of CU 170 (master/ef7d41ef) I stumbled across this netatalk issue:
>>>
>>> ```
>>> [root(a)ipfireAPU ~]# cat /var/log/afpd.log
>>> Aug 16 17:06:22.314909 afpd[12975] {fault.c:123} (severe:Default): ===============================================================
>>> Aug 16 17:06:22.314995 afpd[12975] {fault.c:124} (severe:Default): INTERNAL ERROR: Signal 11 in pid 12975 (3.1.13)
>>> Aug 16 17:06:22.315032 afpd[12975] {fault.c:125} (severe:Default): ===============================================================
>>> Aug 16 17:06:22.316206 afpd[12975] {fault.c:96} (severe:Default): PANIC: internal error
>>> Aug 16 17:06:22.316252 afpd[12975] {fault.c:97} (severe:Default): BACKTRACE: 13 stack frames:
>>> Aug 16 17:06:22.316288 afpd[12975] {fault.c:103} (severe:Default): #0 /usr/lib/libatalk.so.18(netatalk_panic+0x39) [0x794f2d563639]
>>> Aug 16 17:06:22.316326 afpd[12975] {fault.c:103} (severe:Default): #1 /usr/lib/libatalk.so.18(+0x3a78e) [0x794f2d56378e]
>>> Aug 16 17:06:22.316380 afpd[12975] {fault.c:103} (severe:Default): #2 /lib/libc.so.6(+0x3e680) [0x794f2ccbd680]
>>> Aug 16 17:06:22.316426 afpd[12975] {fault.c:103} (severe:Default): #3 /usr/lib/libatalk.so.18(+0x1d195) [0x794f2d546195]
>>> Aug 16 17:06:22.316462 afpd[12975] {fault.c:103} (severe:Default): #4 /usr/lib/libatalk.so.18(ad_open+0x4ba) [0x794f2d54768a]
>>> Aug 16 17:06:22.316498 afpd[12975] {fault.c:103} (severe:Default): #5 /usr/sbin/afpd() [0x43093f]
>>> Aug 16 17:06:22.316533 afpd[12975] {fault.c:103} (severe:Default): #6 /usr/sbin/afpd() [0x4316a1]
>>> Aug 16 17:06:22.316567 afpd[12975] {fault.c:103} (severe:Default): #7 /usr/sbin/afpd(afp_openvol+0x354) [0x431d34]
>>> Aug 16 17:06:22.316628 afpd[12975] {fault.c:103} (severe:Default): #8 /usr/sbin/afpd(afp_over_dsi+0x698) [0x40f448]
>>> Aug 16 17:06:22.316664 afpd[12975] {fault.c:103} (severe:Default): #9 /usr/sbin/afpd(main+0x9d5) [0x40d255]
>>> Aug 16 17:06:22.316699 afpd[12975] {fault.c:103} (severe:Default): #10 /lib/libc.so.6(+0x29590) [0x794f2cca8590]
>>> Aug 16 17:06:22.316734 afpd[12975] {fault.c:103} (severe:Default): #11 /lib/libc.so.6(__libc_start_main+0x80) [0x794f2cca8640]
>>> Aug 16 17:06:22.316770 afpd[12975] {fault.c:103} (severe:Default): #12 /usr/sbin/afpd(_start+0x25) [0x40d5b5]
>>> . . .
>>> ```
>>>
>>> Adolf found it was a known bug.
>>> https://sourceforge.net/p/netatalk/bugs/670/ <https://sourceforge.net/p/netatalk/bugs/670/>
>>>
>>> But it doesn’t seem like it has been fixed by the Netatalk team yet.
>>>
>>> Thank you!
>>> Jon
>>>
>>>
>>>> On Aug 5, 2022, at 4:08 AM, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>>>
>>>> Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
>>>>
>>>>> - this releases fixes the following major security issues:
>>>>> CVE-2021-31439, CVE-2022-23121, CVE-2022-23122, CVE-2022-23123,
>>>>> CVE-2022-23124, CVE-2022-23125 and CVE-2022-0194.
>>>>> - FIX: afpd: make a variable declaration a definition
>>>>> - UPD: Remove bundled libevent
>>>>>
>>>>> Signed-off-by: Jon Murphy <jon.murphy(a)ipfire.org>
>>>>> ---
>>>>> lfs/netatalk | 8 ++++----
>>>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>>>
>>>>> diff --git a/lfs/netatalk b/lfs/netatalk
>>>>> index ef75c89fe..7a91fa948 100644
>>>>> --- a/lfs/netatalk
>>>>> +++ b/lfs/netatalk
>>>>> @@ -1,7 +1,7 @@
>>>>> ###############################################################################
>>>>> # #
>>>>> # IPFire.org - A linux based firewall #
>>>>> -# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
>>>>> +# Copyright (C) 2007-2022 IPFire Team <info(a)ipfire.org> #
>>>>> # #
>>>>> # This program is free software: you can redistribute it and/or modify #
>>>>> # it under the terms of the GNU General Public License as published by #
>>>>> @@ -26,7 +26,7 @@ include Config
>>>>>
>>>>> SUMMARY = AppleShare file server
>>>>>
>>>>> -VER = 3.1.12
>>>>> +VER = 3.1.13
>>>>>
>>>>> THISAPP = netatalk-$(VER)
>>>>> DL_FILE = $(THISAPP).tar.gz
>>>>> @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE)
>>>>> DIR_APP = $(DIR_SRC)/$(THISAPP)
>>>>> TARGET = $(DIR_INFO)/$(THISAPP)
>>>>> PROG = netatalk
>>>>> -PAK_VER = 3
>>>>> +PAK_VER = 4
>>>>>
>>>>> DEPS = avahi dbus
>>>>>
>>>>> @@ -50,7 +50,7 @@ objects = $(DL_FILE)
>>>>>
>>>>> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>>>>>
>>>>> -$(DL_FILE)_BLAKE2 = 912bb85045952202becc42899f87ada33427ded987de6c7a6b56c061c1eb6d1a96d95a1700522bfe2119c6db8bbec94eeb4c64c480f59ff7d406542390705efc
>>>>> +$(DL_FILE)_BLAKE2 = 2849e2a5b436f9965e0dd2aedf5078c560c78f45c1c86fbdea39228266b8fbcc096a3a62a08bd626b8b700fde4dd65d99f71f04478e129f6ec61c2ed7184780d
>>>>>
>>>>> install : $(TARGET)

-- 
Sent from my laptop