SUSE-SU-2024:2301-1

UNKNOWN

Security update for netatalk

Published Jul 4, 2024

Modified 1 years ago

Fix available

This update for netatalk fixes the following issues:

CVE-2024-38439: Fixed a heap buffer overflow because of setting ibuf[PASSWDLEN] to \0 in FPLoginExt in login in etc/uams/uams_pam.c (bsc#1226430).
CVE-2024-38440: Fixed a heap buffer overflow because of incorrectly using FPLoginExt in BN_bin2bn in etc/uams/uams_dhx_pam.c (bsc#1226429).
CVE-2024-38441: Fixed a heap buffer overflow because of setting ibuf[len] to \0 in FPMapName in afp_mapname in etc/afp/directory.c (bsc#1226431).

SUSE:Linux Enterprise Software Development Kit 12 SP5libatalk0

Fixed in:

3.1.18-3.25.1

SUSE:Linux Enterprise Software Development Kit 12 SP5netatalk

Fixed in:

3.1.18-3.25.1

SUSE:Linux Enterprise Software Development Kit 12 SP5netatalk-devel

Fixed in:

3.1.18-3.25.1

SUSE:Linux Enterprise Workstation Extension 12 SP5libatalk0

Fixed in:

3.1.18-3.25.1

SUSE:Linux Enterprise Workstation Extension 12 SP5netatalk

Fixed in:

3.1.18-3.25.1

SUSE:Linux Enterprise Workstation Extension 12 SP5netatalk-devel

Fixed in:

3.1.18-3.25.1

PublishedJul 4, 2024

ModifiedJul 4, 2024

SUSE-SU-2024:2301-1 | Mondoo Vulnerability Intelligence