Package: netatalk Version: 3.1.12~ds-3+deb10u2 X-Debbugs-Cc: t...@security.debian.org,debian-lts@lists.debian.org
Dear Debian Security team, Would you be able to help me get the following critical regression fix into the Buster netatalk package? The regression was introduced with the patch for CVE-2022-23123 and is impacting a subset of users that have certain metadata in their shared files. The issue leads to an unavoidable crash and renders netatalk useless with their shared volumes. Separately, it also contains a fix for saving MS Office files onto an otherwise functioning shared volume. This is the commit with the fix in question: https://github.com/Netatalk/netatalk/commit/7dbde0ce704be7fbdb23e893e05cedced337350d See this PR for discussion and links back to the user reported issue tickets: https://github.com/Netatalk/netatalk/pull/178 See also Bug#1036740 for the previous batch of regression fixes for the same CVE. Thank you!
