[Pkg-netatalk-devel] Bug#1036740: Bug#1036740: Bug#1036740: Fix for CVE-2022-23123 causes afpd segfault with valid metadata

Daniel Markstedt markstedt at gmail.com
Sat May 27 06:22:53 BST 2023


On Fri, May 26, 2023 at 1:15 PM Markus Koschany <apo at debian.org> wrote:
>
> Could you tell me which exact commands were used, so that I can try to
> reproduce the problem?
>

Do by any chance have access to a Mac of any vintage?
It could be a brand new machine running the latest macOS or a classic
Mac from the 90s running at least System Software 7.1

The problem occurs when the AFP client attempts to create the Mac file
system metadata (aka resource forks on Classic Mac OS, or extended
attributes on OSX.)

Netatalk should be configured something like this:

dmark at buster:~$ cat /etc/netatalk/afp.conf
[Global]
zeroconf name = Buster
uam list = uams_clrtxt.so uams_dhx2.so

[Homes]
basedir regex = /home
appledouble = v2

After authenticating with the netatalk server on the Mac, attempt to
copy any file to the shared volume.
You should get an instant error -50 in Mac OS, and see the
aforementioned errors in the logs.



More information about the pkg-netatalk-devel mailing list