Bug 33249 - netatalk new security issue CVE-2022-22995
Summary: netatalk new security issue CVE-2022-22995
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
Whiteboard: MGA9-64-OK
Keywords: advisory, validated_update
Reported: 2024-05-28 15:30 CEST by Nicolas Salguero
Modified: 2024-05-31 17:16 CEST

Source RPM: netatalk-3.1.14-2.mga9.src.rpm
CVE: CVE-2022-22995
Status comment: Packages in comment #10


Description Nicolas Salguero 2024-05-28 15:30:04 CEST
Ubuntu has issued an advisory on May 28:
https://ubuntu.com/security/notices/USN-6786-1

Fix: https://github.com/Netatalk/netatalk/commit/9eb6d9d0ac17dca210ccbf05476a925a6b379dfb

Mageia 9 is also affected.
Nicolas Salguero 2024-05-28 15:30:37 CEST

CVE: (none) => CVE-2022-22995
Status comment: (none) => Patch available from upstream
Source RPM: (none) => netatalk-3.1.14-3.mga10.src.rpm
Whiteboard: (none) => MGA9TOO

Comment 1 Nicolas Salguero 2024-05-28 15:54:40 CEST
For Mageia 9, there was no problem building netatalk-3.1.14-2.1.mga9, which contains the patch.

For Cauldron, the build fails with:
"""
checking for 64 bit off_t... no
checking if large file support is available... no
configure: error: AFP 3.x support requires Large File Support.
"""
Comment 2 David GEIGER 2024-05-28 19:08:41 CEST
Cauldron fixed by updating to the latest 3.1.18 release!

Version: Cauldron => 9
Whiteboard: MGA9TOO => (none)
CC: (none) => geiger.david68210
Assignee: bugsquad => qa-bugs

Comment 3 katnatek 2024-05-29 03:20:20 CEST Comment hidden (obsolete)
katnatek 2024-05-29 03:26:16 CEST

Keywords: (none) => advisory

Comment 4 katnatek 2024-05-29 03:36:09 CEST
RH mageia 9 x86_64

Again, I do not have the current version on my system

LC_ALL=C urpmi /home/katnatek/qa-testing/x86_64/*.rpm
To satisfy dependencies, the following packages are going to be installed:
  Package                        Version      Release       Arch    
(medium "Core Release (distrib1)")
  lib64acl-devel                 2.3.1        2.mga9        x86_64  
  lib64nsl-devel                 1.3.0        3.mga9        x86_64  
  lib64tdb-devel                 1.4.7        2.mga9        x86_64  
  lib64tirpc-devel               1.3.3        1.mga9        x86_64  
  lib64wrap-devel                7.6          53.mga9       x86_64  
(command line)
  lib64netatalk-devel            3.1.14       2.1.mga9      x86_64  
  lib64netatalk18                3.1.14       2.1.mga9      x86_64  
  netatalk                       3.1.14       2.1.mga9      x86_64  
2.7MB of additional disk space will be used.
957KB of packages will be retrieved.
Proceed with the installation of the 8 packages? (Y/n) Y


    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64tirpc-devel-1.3.3-1.mga9.x86_64.rpm
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64tdb-devel-1.4.7-2.mga9.x86_64.rpm         
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64wrap-devel-7.6-53.mga9.x86_64.rpm         
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64nsl-devel-1.3.0-3.mga9.x86_64.rpm         
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64acl-devel-2.3.1-2.mga9.x86_64.rpm         
installing /home/katnatek/qa-testing/x86_64/netatalk-3.1.14-2.1.mga9.x86_64.rpm                                                     
/home/katnatek/qa-testing/x86_64/lib64netatalk18-3.1.14-2.1.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64acl-devel-2.3.1-2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64wrap-devel-7.6-53.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64nsl-devel-1.3.0-3.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/lib64netatalk-devel-3.1.14-2.1.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64tirpc-devel-1.3.3-1.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64tdb-devel-1.4.7-2.mga9.x86_64.rpm
Preparing...                     ##################################################################################################
      1/8: lib64netatalk18       ##################################################################################################
      2/8: lib64tdb-devel        ##################################################################################################
      3/8: lib64tirpc-devel      ##################################################################################################
      4/8: lib64nsl-devel        ##################################################################################################
      5/8: lib64wrap-devel       ##################################################################################################
      6/8: lib64acl-devel        ##################################################################################################
      7/8: lib64netatalk-devel   ##################################################################################################
      8/8: netatalk              ##################################################################################################

This produces a failure that was not in the previous round, bug#31255 comment#7

systemctl  start netatalk
systemctl -l status netatalk
● netatalk.service - Netatalk AFP fileserver for Macintosh clients
     Loaded: loaded (/usr/lib/systemd/system/netatalk.service; disabled; preset: disabled)
     Active: active (running) since Tue 2024-05-28 19:31:53 CST; 10s ago
       Docs: man:afp.conf(5)
             man:netatalk(8)
             man:afpd(8)
             man:cnid_metad(8)
             man:cnid_dbd(8)
             http://netatalk.sourceforge.net/
    Process: 136117 ExecStartPre=/usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/netatalk.conf (code=exited, status=1/FAILURE)
    Process: 136118 ExecStart=/usr/sbin/netatalk (code=exited, status=0/SUCCESS)
   Main PID: 136120 (netatalk)
      Tasks: 4 (limit: 6904)
     Memory: 3.8M
        CPU: 398ms
     CGroup: /system.slice/netatalk.service
             ├─136120 /usr/sbin/netatalk
             ├─136121 /usr/sbin/afpd -d -F /etc/netatalk/afp.conf
             └─136122 /usr/sbin/cnid_metad -d -F /etc/netatalk/afp.conf

may 28 19:31:53 phoenix systemd[1]: Starting netatalk.service...
may 28 19:31:53 phoenix systemd-tmpfiles[136117]: Failed to open '/usr/lib/tmpfiles.d/netatalk.conf': No such file or directory
may 28 19:31:53 phoenix systemd[1]: netatalk.service: Can't open PID file /var/lock/netatalk (yet?) after start: No such file or dir>
may 28 19:31:53 phoenix netatalk[136120]: Netatalk AFP server starting
may 28 19:31:53 phoenix systemd[1]: Started netatalk.service.
may 28 19:31:53 phoenix cnid_metad[136122]: CNID Server listening on localhost:4700
may 28 19:31:53 phoenix netatalk[136120]: Registered with Zeroconf
may 28 19:31:53 phoenix afpd[136121]: Netatalk AFP/TCP listening on fe80::e269:95ff:fedd:cd47:548

Keywords: (none) => feedback

Comment 5 Nicolas Salguero 2024-05-29 14:10:16 CEST
Hi,

When netatalk-3.1.14-2.2.mga9 is built, could you try to see if it solves the problem, please?

Best regards,

Nico.
Nicolas Salguero 2024-05-29 14:10:49 CEST

Status: NEW => ASSIGNED
Source RPM: netatalk-3.1.14-3.mga10.src.rpm => netatalk-3.1.14-2.mga9.src.rpm
Status comment: Patch available from upstream => (none)

Comment 6 katnatek 2024-05-29 20:18:26 CEST
RH mageia 9 x86_64

LC_ALL=C urpmi /home/katnatek/qa-testing/x86_64/*.rpm
To satisfy dependencies, the following packages are going to be installed:
  Package                        Version      Release       Arch    
(medium "Core Release (distrib1)")
  lib64acl-devel                 2.3.1        2.mga9        x86_64  
  lib64nsl-devel                 1.3.0        3.mga9        x86_64  
  lib64tdb-devel                 1.4.7        2.mga9        x86_64  
  lib64tirpc-devel               1.3.3        1.mga9        x86_64  
  lib64wrap-devel                7.6          53.mga9       x86_64  
(command line)
  lib64netatalk-devel            3.1.14       2.2.mga9      x86_64  
  lib64netatalk18                3.1.14       2.2.mga9      x86_64  
  netatalk                       3.1.14       2.2.mga9      x86_64  
2.7MB of additional disk space will be used.
957KB of packages will be retrieved.
Proceed with the installation of the 8 packages? (Y/n) y


    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64tdb-devel-1.4.7-2.mga9.x86_64.rpm
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64tirpc-devel-1.3.3-1.mga9.x86_64.rpm       
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64wrap-devel-7.6-53.mga9.x86_64.rpm         
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64nsl-devel-1.3.0-3.mga9.x86_64.rpm         
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64acl-devel-2.3.1-2.mga9.x86_64.rpm         
installing /var/cache/urpmi/rpms/lib64tirpc-devel-1.3.3-1.mga9.x86_64.rpm                                                           
/var/cache/urpmi/rpms/lib64tdb-devel-1.4.7-2.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/lib64netatalk-devel-3.1.14-2.2.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/netatalk-3.1.14-2.2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64acl-devel-2.3.1-2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64wrap-devel-7.6-53.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/lib64netatalk18-3.1.14-2.2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64nsl-devel-1.3.0-3.mga9.x86_64.rpm
Preparing...                     ##################################################################################################
      1/8: lib64netatalk18       ##################################################################################################
      2/8: lib64acl-devel        ##################################################################################################
      3/8: lib64tdb-devel        ##################################################################################################
      4/8: lib64tirpc-devel      ##################################################################################################
      5/8: lib64nsl-devel        ##################################################################################################
      6/8: lib64wrap-devel       ##################################################################################################
      7/8: lib64netatalk-devel   ##################################################################################################
      8/8: netatalk              ##################################################################################################

systemctl start netatalk
Job for netatalk.service failed because a timeout was exceeded.
See "systemctl status netatalk.service" and "journalctl -xeu netatalk.service" for details.

systemctl -l status netatalk
● netatalk.service - Netatalk AFP fileserver for Macintosh clients
     Loaded: loaded (/usr/lib/systemd/system/netatalk.service; disabled; preset: disabled)
     Active: activating (start) since Wed 2024-05-29 12:16:04 CST; 9s ago
       Docs: man:afp.conf(5)
             man:netatalk(8)
             man:afpd(8)
             man:cnid_metad(8)
             man:cnid_dbd(8)
             http://netatalk.sourceforge.net/
    Process: 321661 ExecStartPre=/usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/netatalk.conf (code=exited, status=0/SUCCESS)
    Process: 321662 ExecStart=/usr/sbin/netatalk (code=exited, status=0/SUCCESS)
      Tasks: 0 (limit: 6904)
     Memory: 8.0K
        CPU: 14ms
     CGroup: /system.slice/netatalk.service

may 29 12:16:04 phoenix systemd[1]: Starting netatalk.service...
may 29 12:16:04 phoenix systemd[1]: netatalk.service: Can't convert PID files /var/lock/netatalk O_PATH file descriptor to proper fi>
may 29 12:16:04 phoenix systemd[1]: netatalk.service: Can't convert PID files /var/lock/netatalk O_PATH file descriptor to proper fi>
lines 1-19/19 (END)


Looks like it still has some issues
Comment 7 Nicolas Salguero 2024-05-30 11:33:29 CEST
Hi,

netatalk-3.1.14-2.3.mga9 should really fix the problem (and netatalk-3.1.18-2.mga10 too).

Best regards,

Nico.
Comment 8 katnatek 2024-05-30 19:29:53 CEST
RH mageia 9 x86_64

LC_ALL=C urpmi /home/katnatek/qa-testing/x86_64/*.rpm
To satisfy dependencies, the following packages are going to be installed:
  Package                        Version      Release       Arch    
(medium "Core Release (distrib1)")
  lib64nsl-devel                 1.3.0        3.mga9        x86_64  
  lib64tdb-devel                 1.4.7        2.mga9        x86_64  
  lib64tirpc-devel               1.3.3        1.mga9        x86_64  
  lib64wrap-devel                7.6          53.mga9       x86_64  
(command line)
  lib64netatalk-devel            3.1.14       2.3.mga9      x86_64  
  lib64netatalk18                3.1.14       2.3.mga9      x86_64  
  netatalk                       3.1.14       2.3.mga9      x86_64  
2.2MB of additional disk space will be used.
825KB of packages will be retrieved.
Proceed with the installation of the 7 packages? (Y/n) y


    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64tdb-devel-1.4.7-2.mga9.x86_64.rpm
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64wrap-devel-7.6-53.mga9.x86_64.rpm         
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64nsl-devel-1.3.0-3.mga9.x86_64.rpm         
    https://mirror.math.princeton.edu/pub/mageia/distrib/9/x86_64/media/core/release/lib64tirpc-devel-1.3.3-1.mga9.x86_64.rpm       
installing /home/katnatek/qa-testing/x86_64/lib64netatalk18-3.1.14-2.3.mga9.x86_64.rpm                                              
/home/katnatek/qa-testing/x86_64/netatalk-3.1.14-2.3.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64tdb-devel-1.4.7-2.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64wrap-devel-7.6-53.mga9.x86_64.rpm
/home/katnatek/qa-testing/x86_64/lib64netatalk-devel-3.1.14-2.3.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64nsl-devel-1.3.0-3.mga9.x86_64.rpm
/var/cache/urpmi/rpms/lib64tirpc-devel-1.3.3-1.mga9.x86_64.rpm
Preparing...                     ##################################################################################################
      1/7: lib64netatalk18       ##################################################################################################
      2/7: lib64tirpc-devel      ##################################################################################################
      3/7: lib64nsl-devel        ##################################################################################################
      4/7: lib64wrap-devel       ##################################################################################################
      5/7: lib64tdb-devel        ##################################################################################################
      6/7: lib64netatalk-devel   ##################################################################################################

systemctl start netatalk
systemctl -l status netatalk
● netatalk.service - Netatalk AFP fileserver for Macintosh clients
     Loaded: loaded (/usr/lib/systemd/system/netatalk.service; disabled; preset: disabled)
     Active: active (running) since Thu 2024-05-30 11:20:41 CST; 14s ago
       Docs: man:afp.conf(5)
             man:netatalk(8)
             man:afpd(8)
             man:cnid_metad(8)
             man:cnid_dbd(8)
             http://netatalk.sourceforge.net/
    Process: 94830 ExecStartPre=/usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/netatalk.conf (code=exited, status=0/SUCCESS)
    Process: 94833 ExecStart=/usr/sbin/netatalk (code=exited, status=0/SUCCESS)
   Main PID: 94842 (netatalk)
      Tasks: 4 (limit: 6904)
     Memory: 4.0M
        CPU: 575ms
     CGroup: /system.slice/netatalk.service
             ├─94842 /usr/sbin/netatalk
             ├─94843 /usr/sbin/afpd -d -F /etc/netatalk/afp.conf
             └─94844 /usr/sbin/cnid_metad -d -F /etc/netatalk/afp.conf

may 30 11:20:41 phoenix systemd[1]: Starting netatalk.service...
may 30 11:20:41 phoenix systemd[1]: netatalk.service: Can't open PID file /run/lock/netatalk/netatalk (yet?) after start: No such fi>
may 30 11:20:41 phoenix netatalk[94842]: Netatalk AFP server starting
may 30 11:20:41 phoenix systemd[1]: Started netatalk.service.
may 30 11:20:41 phoenix cnid_metad[94844]: CNID Server listening on localhost:4700
may 30 11:20:41 phoenix netatalk[94842]: Registered with Zeroconf
may 30 11:20:42 phoenix afpd[94843]: Netatalk AFP/TCP listening on fe80::e269:95ff:fedd:cd47:548

Reran the pea.py script in Bug#30287 comment#5
This time all looks consistent with bug#31255 comment#7

Hope this is good enough

Keywords: feedback => (none)
CC: (none) => andrewsfarm
Whiteboard: (none) => MGA9-64-OK
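
The three start-up results reported in comments 4, 6 and 8, turned into a repeatable check. This is an added example, not part of the bug report or of Mageia's QA tooling. The function name, the verdict labels and the abbreviated sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify `systemctl -l status netatalk` output read on stdin.
# Verdict labels are invented for this sketch. Always returns 0; prints the verdict.
classify_netatalk_status() {
    status_text=$(cat)
    if ! printf '%s\n' "$status_text" | grep -Eq '^ *Active: active \(running\)'; then
        # Comment 6: unit stuck in "activating (start)", start job timed out.
        verdict=NOT_RUNNING
    elif printf '%s\n' "$status_text" | grep -Eq 'ExecStartPre=.*status=[1-9][0-9]*/'; then
        # Comment 4: daemons run, but the systemd-tmpfiles pre-start step failed.
        verdict=EXECSTARTPRE_FAILED
    elif ! printf '%s\n' "$status_text" | grep -Eq '^ *Main PID: [0-9]+ \(netatalk\)'; then
        verdict=NO_MAIN_PID
    else
        # The "Can't open PID file ... (yet?)" journal line is also present in
        # the round that passed QA (comment 8), so it is not counted as a failure.
        verdict=OK
    fi
    printf '%s\n' "$verdict"
}

# Constructed samples, abbreviated from the status output quoted in the comments.
sample_comment4() { cat <<'EOF'
     Active: active (running) since Tue 2024-05-28 19:31:53 CST; 10s ago
    Process: 136117 ExecStartPre=/usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/netatalk.conf (code=exited, status=1/FAILURE)
    Process: 136118 ExecStart=/usr/sbin/netatalk (code=exited, status=0/SUCCESS)
   Main PID: 136120 (netatalk)
EOF
}
sample_comment6() { cat <<'EOF'
     Active: activating (start) since Wed 2024-05-29 12:16:04 CST; 9s ago
    Process: 321661 ExecStartPre=/usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/netatalk.conf (code=exited, status=0/SUCCESS)
    Process: 321662 ExecStart=/usr/sbin/netatalk (code=exited, status=0/SUCCESS)
EOF
}
sample_comment8() { cat <<'EOF'
     Active: active (running) since Thu 2024-05-30 11:20:41 CST; 14s ago
    Process: 94830 ExecStartPre=/usr/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/netatalk.conf (code=exited, status=0/SUCCESS)
    Process: 94833 ExecStart=/usr/sbin/netatalk (code=exited, status=0/SUCCESS)
   Main PID: 94842 (netatalk)
EOF
}

# Print one verdict per QA round.
for s in sample_comment4 sample_comment6 sample_comment8; do
    printf '%s: %s\n' "$s" "$("$s" | classify_netatalk_status)"
done
```

On a test machine the same function can be fed live output with `LC_ALL=C systemctl -l status netatalk | classify_netatalk_status`.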

Comment 9 katnatek 2024-05-30 19:33:28 CEST
Advisory updated
Comment 10 katnatek 2024-05-30 19:34:37 CEST
Packages in 9/core/updates_testing

i586:
libnetatalk-devel-3.1.14-2.3.mga9.i586.rpm
libnetatalk18-3.1.14-2.3.mga9.i586.rpm
netatalk-3.1.14-2.3.mga9.i586.rpm
# Packages: 3

x86_64:
lib64netatalk-devel-3.1.14-2.3.mga9.x86_64.rpm
lib64netatalk18-3.1.14-2.3.mga9.x86_64.rpm
netatalk-3.1.14-2.3.mga9.x86_64.rpm
# Packages: 3

SRPM:
netatalk-3.1.14-2.3.mga9.src.rpm
katnatek 2024-05-30 19:35:28 CEST

Status comment: (none) => Packages in comment #10

Comment 11 Thomas Andrews 2024-05-31 03:43:15 CEST
Looks good enough to me. Validating.

CC: (none) => sysadmin-bugs
Keywords: (none) => validated_update

Comment 12 Mageia Robot 2024-05-31 17:16:13 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0201.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

